Maya Miller reports an update by California Public Employee and Retirement System on the MOVEit breach by their vendor, PBI Research/Berwyn Group: In the Monday update, Frost said CalPERS has received nearly 4,000 calls about the breach at its own customer contact center. The average wait time is one minute, she said. Retirees can also…
Category: Subcontractor
Hillsborough notifies 70,000 of potential data breach in health, aging services
C. T. Bowen reports: Hillsborough County has notified more than 70,000 people that a global data breach may have put their personal information at risk. The breach involved the MOVEit file transfer tool, a third-party service that complies with federal Health Insurance Portability and Accountability Act (HIPAA) regulations. The breach also may have affected 106…
Another business associate attack results in theft of patient data — Panorama Eyecare
Panorama Eyecare in Colorado is a physician-owned firm providing business associate services to vision care providers: Earlier today, the firm was added to LockBit’s leak site with a claim that 798 GB of data had been exfiltrated from four of the firm’s clients: Eye Center of Northern Colorado Denver Eye Surgeons Cheyenne Eye Clinic &…
College learns that two of its vendors were impacted by MOVEit breach.
Earlier this week, DataBreaches reported that Imagine360 had the unfortunate experience of discovering that two of their file-sharing platforms had both suffered breaches within days of each other: Citrix and Fortra/GoAnywhere. Today we bring you another double-whammy scenario. But in this one, it’s not two different platforms being breached within days of each other. This…
If Kirkland & Ellis Can’t Avoid Cyberattacks, Who Can?
Justin Henry reports: By exploiting a vulnerability in a widely used file transfer application, hackers were able to access the internal information of several large organizations, including three Am Law 50 law firms, highlighting the vulnerability of widespread use of one third-party application. The incident has observers wondering: If some of the largest and most profitable…
Imagine360 discovers that two of its file-sharing platforms were hit within days of each other.
With all the big attacks on third-party vendors, it’s not surprising that some entities are reporting two or more breaches in a short period of time. Imagine360, LLC, is a self-funded health plan for employers. On or around January 30, Imagine360 identified unusual activity within Citrix, its third-party file-sharing platform. Imagine360 terminated access to the…