More than two months after Fortra first began notifying clients that threat actors had exploited a vulnerability in GoAnywhere, many patients whose protected health information was stolen may still have no clue. In Part 1, we noted six entities that have disclosed the breach. Five of them are listed on Clop’s leak site with their…
Category: Subcontractor
The Fortra/GoAnywhere breach also affected healthcare entities. Here’s what we know so far. (3)
More than two months after Fortra first began notifying clients that threat actors had exploited a vulnerability in GoAnywhere, many patients whose protected health information was stolen may still have no clue. In Part 1, we note entities that have already disclosed the breach. In Part 2, we will note those entities that do not…
Illuminate Education Beats Lawsuit Over Breach of Student Data
Christopher Brown reports: Illuminate Education Inc. defeated a proposed class action alleging it negligently failed to protect the information of more than 3 million elementary and high school students that was exposed in a late-December 2021 data breach. The plaintiffs failed to show that they had suffered concrete harm from the breach or were at…
Investigation underway into cyber attack affecting charities for sexual assault survivors
The Journal reports that a ransomware attack on a data management company in Northern Ireland affects data held by charities and non-profits, including several organizations working with sexual assault survivors. The PSNI has confirmed that it received a report of a cyber incident on 30 March and referred the case to specialist detectives in its…
Over a Million Financial Records Exposed in Data Incident Involving NorthOne Bank
Jeremiah Fowler discovered yet another unsecured database. This one reportedly had more than one million financial records: The PDF documents that were made public included invoices from both individuals and businesses who used an app to pay for products and services. The invoices contained names, email addresses and physical addresses, phone numbers, and more. In…
So then the law firm Uber gave sensitive driver data to for legal representation got hacked….
Mike Stevens reports: An unknown number of Uber drivers have been informed by a legal firm that represents Uber Technologies that sensitive data, including their identities and Social Security numbers, has been taken by cyberattackers. This data includes the drivers’ names. The world’s largest ride-sharing company has suffered its third data hack in the last half a…