Sergiu Gatlan reports: The Norwegian National Security Authority (NSM) has confirmed that attackers used a zero-day vulnerability in Ivanti’s Endpoint Manager Mobile (EPMM) solution to breach a software platform used by 12 ministries in the country. The Norwegian Security and Service Organization (DSS) said on Monday that the cyberattack did not affect Norway’s Prime Minister’s Office, the…
Category: Subcontractor
Law Firm Hack Affects Victims of an Earlier Breach Again
Marianne Kolbasuk McGee reports: A global law firm is notifying nearly 153,000 individuals of a hacking incident that compromised several client files. The files contained sensitive personal information and affects vision care patients who had been victims of a breach three years ago. Orrick, Herrington & Sutcliffe on July 20 reported the data breach to…
CalPERS CEO gives update on data hack that exposed Social Security numbers, birth dates
Maya Miller reports an update by California Public Employee and Retirement System on the MOVEit breach by their vendor, PBI Research/Berwyn Group: In the Monday update, Frost said CalPERS has received nearly 4,000 calls about the breach at its own customer contact center. The average wait time is one minute, she said. Retirees can also…
Hillsborough notifies 70,000 of potential data breach in health, aging services
C. T. Bowen reports: Hillsborough County has notified more than 70,000 people that a global data breach may have put their personal information at risk. The breach involved the MOVEit file transfer tool, a third-party service that complies with federal Health Insurance Portability and Accountability Act (HIPAA) regulations. The breach also may have affected 106…
Another business associate attack results in theft of patient data — Panorama Eyecare
Panorama Eyecare in Colorado is a physician-owned firm providing business associate services to vision care providers: Earlier today, the firm was added to LockBit’s leak site with a claim that 798 GB of data had been exfiltrated from four of the firm’s clients: Eye Center of Northern Colorado Denver Eye Surgeons Cheyenne Eye Clinic &…
College learns that two of its vendors were impacted by MOVEit breach.
Earlier this week, DataBreaches reported that Imagine360 had the unfortunate experience of discovering that two of their file-sharing platforms had both suffered breaches within days of each other: Citrix and Fortra/GoAnywhere. Today we bring you another double-whammy scenario. But in this one, it’s not two different platforms being breached within days of each other. This…