Toh Ting Wei reports: About 580,000 Singapore Airlines (SIA) customers have been affected by a data leak at an external firm. SIA said in a statement yesterday that members of its KrisFlyer and PPS Club reward programmes have had their membership numbers, tier status and, in some cases, membership names compromised. […] SIA said the…
Category: Subcontractor
Court Upholds Insurers’ Denial of $6M Crime Claim for Phishing Loss
Andrew G. Simpson reports: Real estate software maker RealPage has been denied a $6 million computer crime insurance coverage claim because the stolen funds were not in its possession but were instead being held by a payment processing firm at the time of a phishing scheme. National Union Fire Insurance Co. (a unit of American…
The Accellion breach also impacted Qualys; threat actors start dumping files
As I noted yesterday on Twitter, Qualys was added to threat actor CLOP’s leak site, raising the question as to whether the firm had been an Accellion client. They had. Qualys issued a statement later yesterday. It said, in part: Qualys has confirmed that there is no impact on the Qualys production environments, codebase or…
AllyAlign notifies 76,348 members and providers of ransomware attack
AllyAlign Health (AAH), a Medicare Advantage special needs plan administrator, recently notified 76,348 members and providers of an attempted ransomware attack. But how successful were the threat actors? And what could the Virginia firm figure out and what couldn’t they figure out based on their investigation? According to AAH’s notification letter, the attack occurred on…
Security breach prompts lockdown of some Manitoba student databases
Josh Crabb reports: Electronic databases that contain personal information about some Manitoba students have been temporarily shut down following a security breach. The Maplewood system is run by an Ontario company and is used by 14 school divisions in Manitoba. There’s no evidence any data or personal information was compromised but some parents still have…
In a year of supply-chain attacks, do you have your business associate agreements in place?
I recently came across a breach report that is a useful reminder of the value of ensuring that business associate agreements (BAA) are in place, and that compliance with the agreements is assessed regularly. In this instance Humana, a health plan, reported that on December 22, they were notified by a business associate that an…