Carly Page reports: Taiwan Semiconductor Manufacturing Company (TSMC), the world’s largest contract chipmaker, has confirmed it’s experienced a data breach after being listed as a victim by the LockBit ransomware gang. The Russia-linked LockBit ransomware gang listed TSMC on its dark web leak site on Thursday. The gang is threatening to publish data stolen from the company,…
Category: Subcontractor
Breach of the Protection Obligation by Fullerton Healthcare and Agape CP Holdings
From the Privacy and Data Protection Commission of Singapore, there’s an update to a breach that was previously disclosed in October 2021: A financial penalty of $58,000 and $10,000 was imposed on Fullerton Healthcare and Agape CP Holdings respectively for failing to put in place reasonable security arrangements to protect personal data belonging to Fullerton…
At least 100,000 could have had data exposed after US health department was hit by global MOVEit cyberattack
Sean Lyngaas reports: At least 100,000 people could have had their data compromised by a hack of contractors at the Department of Health and Human Services, a department official said Thursday, making it the latest US government agency to be caught up in a sweeping cyberattack connected to Russian cybercriminals. HHS notified Congress of the breach on…
Henrietta Johnson Medical Center patients affected by breach at Delaware Health Net
CORRECTION AND UPDATE: DataBreaches has been contacted by a spokesperson for Delaware Health Information Network who says that they were not the party responsible for this breach and this site should not have linked to them and should have linked to Delaware Health Net if they were the responsible party. DataBreaches checked the medical center’s…
HHS Office for Civil Rights Settles HIPAA Investigation with iHealth Solutions Regarding Disclosure of Protected Health Information on an Unsecured Server for $75,000
HHS has announced another Security Rule enforcement action. This one involves iHealth Solutions (dba Advantum Health), a business associate. The incident involved an unsecured server where protected health information of patients was exfiltrated. The iHealth incident had been discovered by Kromtech Security and was first reported by DataBreaches on May 9, 2017. On May 10,…
Oreo cookie maker says crooks gobbled up staff info
Jessica Lyons Hardcastle reports: Mondelez International has warned 51,000 of its past and present employees that their personal information has been stolen from a law firm hired by the Oreo and Ritz cracker giant. To be clear, the miscreants didn’t infiltrate Mondelez’s IT estate: they broke into Bryan Cave Leighton Paisner LLP‘s network. And as…