Sean Adams reports: York County officials have released a warning to residents that a “data privacy event” might have put their information at risk. County officials shared that “in early 2025, the county was notified of a possible data security incident” involving a vendor working with them. An employee of that vendor had been hired…
Category: Subcontractor
Hack of Opexus Was at Root of Massive Federal Data Breach
This breach may not turn out to be the biggest insider breach of 2025, but it may well turn out to be one of the most impactful. Jason Leopold reports: A software company that handles sensitive data for nearly every US federal agency was the victim of a cyber breach earlier this year due to…
Supplier to major UK supermarkets Aldi, Tesco & Sainsbury’s hit by cyber attack with ransom demand
Owen Scott reports that Peter Green Chilled, a transport service to some of Britain’s supermarkets, has been the victim of a cyberattack with a ransom demand. Peter Green Chilled has said that it is issuing “regular updates” to clients while the attack continues. The company’s clients include major supermarkets such as Tesco, Aldi, and Sainsbury’s. Now,…
Ransomware Attack on ADP Partner Exposes Broadcom Employee Data
Tim Toole reports: A ransomware attack on Business Systems House (BSH), a Middle Eastern partner of payroll provider ADP, led to Broadcom employee data theft in September 2024. Data was leaked online in December, but Broadcom wasn’t informed until May 2025. The El Dorado ransomware group claimed responsibility for the breach, which occurred as Broadcom…
RIBridges firewall worked. But forensic report says hundreds of alarms went unnoticed by Deloitte.
Alexander Castro reports: A cybercriminal group breached the state’s public benefits portal last July, lingered inside the network’s backend for five months, and triggered hundreds of firewall alerts when it transferred gigabytes of Rhode Islanders’ data to its own servers in November. But RIBridges system vendor and manager Deloitte, a multinational firm valued at $67.2 billion last…
Patients left in the dark almost a year after criminals leaked sensitive medical data from Synnovis
Alexander Martin reports: More than 11 months after a ransomware group published information from a U.K. pathology services company, the affected patients still have not been informed about what data of theirs was exposed in the incident, with material about sexually transmitted infections and cancer cases being included in the leaks. The data was compromised…