Chris Keall reports: Privacy Commissioner Michael Webster is planning an investigation after Wellington-based IT provider Mercury IT was hit by a ransomware attack – potentially compromising sensitive data it hosts for multiple clients, including health insurer Accuro, BusinessNZ, the NZ National Nurses Association and the Ministry of Justice, with 15,000 Coroners Court files taken out. The…
Category: Subcontractor
In: Hackers Selling Personal Data Of 150,000 Patients From a Tamil Nadu Hospital in Supply-Chain Attack
Bharat Sharma reports: After a cyberattack on AIIMS knocked out its servers, a threat actor is selling medical records of patients of a Tamil Nadu-based multispecialty hospital. A report released by CloudSEK claims that patient data of Sree Saran Medical Centre is on sale by a threat actor. On November 22, 2022, CloudSEK discovered a post…
No sign patient information leaked; Interdev platform for Canadian paramedic agencies taken offline
Brendan Burke of The Peterborough Examiner reports: There’s nothing to suggest patients’ confidential information has been compromised after a cybersecurity incident forced Peterborough County-City Paramedics’ data collecting software system to be shut down earlier this week, says Chief Randy Mellow. “There’s absolutely no evidence that this incident has caused any medical or personal information to…
PA: Media’s reporting on breach led to new state data breach law
Rick Earle reports: An exclusive Target 11 investigation into a massive data breach last year has led to a new state law meant to protect every citizen of the Commonwealth. Target 11 Investigator Rick Earle broke the story of that data breach last April and now because of his reporting, state lawmakers passed legislation requiring timely notification of…
New York-Presbyterian Hospital discloses breach affecting 12,000 patients
New York-Presbyterian Hospital posted a notice on their website on November 11. The incident has not yet shown up on HHS’s public breach tool, but undoubtedly will. Here is the description of the incident, as provided by the hospital: On September 8, 2022, NewYork-Presbyterian Hospital’s data security monitors received an alert of suspicious activity on…
Hu: EdTech firm eKRÉTA that stores personal info of students breached by hacking group
As seen on Catalin Cimpanu’s RiskyBiz News: Major breach in Hungary: A hacking group named Sawarim has breached eKRÉTA, the company behind a school management platform widely deployed across Hungary. The platform is believed to store the personal details of more than 720,000 Hungarian students, aged between 6 and 18 years. While the hackers told a local…