Chris Boyle reports: New York Attorney General Letitia James today secured $400,000 from one of New York’s largest dental insurance providers, Healthplex, Inc. (Healthplex), for failing to properly protect the personal and medical information of New Yorkers. Healthplex, a Long Island-based company, had inadequate data security practices that made it susceptible to a data breach attack…
Category: Phishing
HHS’ Office for Civil Rights Settles First Ever Phishing Cyber-Attack Investigation
Louisiana Medical Group settles after investigation reveals large cybersecurity breach affecting nearly 35,000 patients Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), announced a settlement with Lafourche Medical Group, a Louisiana medical group specializing in emergency medicine, occupational medicine, and laboratory testing. The settlement resolves an investigation following a…
Hackers swipe Booking.com, damage from attack is global
Tatsuya Sudo reports: Hackers breached Booking.com, one of the world’s largest online accommodation reservation sites, by posing as hotel staff to steal credit card information from travelers making bookings. Phishing scams like this have plagued Japan since May. The headquarters of Booking.com in the Netherlands conceded the damage is occurring on a global scale. Read more about this current…
Phishing Guidance: Stopping the Attack Cycle at Phase One
This guide was created by the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) to outline phishing techniques malicious actors commonly use and to provide guidance for both network defenders and software manufacturers. Phishing Guidance: Stopping the Attack Cycle at Phase…
Oklahoma City University data breach lawsuit dismissed
Jessy Edwards and Jon Styf provide an update to a previously reported class action lawsuit against Oklahoma City University: A judge dismissed an Oklahoma City University class action lawsuit regarding a data breach, saying the plaintiff did not show any injury or identity theft as a result of the breach. U.S. District Judge Timothy G….
Colonial Pipeline was hacked. No, wait, Accenture was hacked. No, wait….. untangling claims. (2)
By, now, there’s been a lot of buzz by some claims made by RansomedVC on their leak site and on their Telegram channel. In their post this afternoon, RansomedVC claimed that (1) Rob Lee of Dragos somehow cheated someone called “fooble,” and as a result, (2) RansomedVC was going to leak files that Lee had…