Lawrence Abrams reports: The FanDuel sportsbook and betting site is warning customers that their names and email addresses were exposed in a January 2023 MailChimp security breach, urging users to remain vigilant against phishing emails. On January 13th, MailChimp confirmed they suffered a breach after hackers stole an employee’s credentials using a social engineering attack. Read more at BleepingComputer.
Category: Subcontractor
BlackCat adds NextGen to its leak site, but …. where did it go?
On January 17, BlackCat (aka ALPHV) added NextGen to their leak site. On January 19, DataBreaches sent an email inquiry to NextGen asking when they were attacked, whether files had been encrypted, and whether any employee data or patient data had been accessed or exfiltrated. NextGen responded promptly and then sent the following statement: NextGen…
Ph: Comelec, Smartmatic cleared of data privacy violations in 2022 polls
Hana Bordey reports: The National Privacy Commission (NPC) has cleared the Commission on Elections and the Smartmatic Group of Companies of alleged violation of the Data Privacy Act (DPA) over the supposed breach of election data during the 2022 national and local polls. This was announced by Comelec spokesperson Rex Laudiangco in a press statement…
OH: Security breach at software provider affects software in registrar’s office and other vendor clients (UPDATED)
UPJobNews reports: Lawyers, title company workers and citizens trying to register documents before the end of 2022 found they can’t for now thanks to a security breach affecting the Columbiana County Recorder’s office. No other Columbiana County offices or servers are affected. County Recorder Jim Armeni Sr. announced the issue Thursday, posted a note on…
CommonSpirit Gets Restraining Order in Missing Patient Info Suit (UPDATED)
Holly Barker reports: CommonSpirit Health, one of the country’s largest nonprofit health systems, convinced a federal judge in Texas to order a medical technology vendor to return hundreds of thousands of medical records it was sent to archive. The US District Court for the Northern District of Texas’s order directs Emerge Clinical Solutions LLC to…
MN: State network data breach has potential impact on some Rochester Public Library users
Post Bulletin reports: Rochester Public Library was notified that one of its library service partners, MNLINK, experienced a data breach on Dec. 15, 2022. Through the random cyber attack, the names and email address of 1,709 Rochester library customers might have been accessed. Read more at Post Bulletin.