Zack Whittaker reports: U.S. prosecutors have formally linked the arrest of a serving U.S. Army soldier in December to a massive theft of U.S. phone records from AT&T and Verizon last year. Authorities arrested Cameron John Wagenius, a U.S. Army communications specialist, in Texas on December 20 following a brief two-page grand jury indictment accusing the U.S….
Category: Subcontractor
RIBridges has many lines of defense. How was the system breached?
This article by Alexander Castro originally appeared in Rhode Island Current on January 10, 2025 and is republished here under Creative Commons License. It was updated to replace several paragraphs in the “Slow Leak” section to include a response Deloitte sent the author post-publication. Rhode Island’s online public benefits system appears to be a fortress…
U.S. Army Soldier Arrested in AT&T, Verizon Extortions
Brian Krebs reports: Federal authorities have arrested and indicted a 20-year-old U.S. Army soldier on suspicion of being Kiberphant0m, a cybercriminal who has been selling and leaking sensitive customer call records stolen earlier this year from AT&T and Verizon. As first reported by KrebsOnSecurity last month, the accused is a communications specialist who was recently stationed in South Korea….
More details emerge about RIBridges data breach; Deloitte tells state threat actors have leaked data
Threat actors’ leak site unreachable due to DoS attack; DataBreaches given exclusive preview of leak Marc Fortier reports: The hackers behind a major cyberattack that hit the State of Rhode Island’s online system for delivering health and human service benefits have released some residents’ files to a site on the dark web, state officials announced Monday. “Unfortunately,…
ConnectOnCall breach exposes health data of over 910,000 patients
Sergiu Gatlan reports: Healthcare software as a service (SaaS) company Phreesia is notifying over 910,000 people that their personal and health data was exposed in a May breach of its subsidiary ConnectOnCall, acquired in October 2023. ConnectOnCall is a telehealth platform and after-hours on-call answering service with automated patient call tracking for healthcare providers. “On…
Securities and Exchange Commission Settles Charges Against Flagstar for Misleading Investors About Citrix Data Breach
ADMINISTRATIVE PROCEEDING File No. 3-22360 December 16, 2024 – The Securities and Exchange Commission today filed settled charges against Flagstar Bancorp, Inc. (now known as “Flagstar Financial, Inc.”), for making materially misleading statements regarding a cybersecurity attack on Flagstar’s network in late 2021 (the “Citrix Breach”). The SEC’s order finds that Flagstar negligently made materially misleading…