KUAC reports: Multiple class action lawsuits recently filed in federal court claim an Interior Alaska Native Corporation failed to take reasonable steps to protect personal data from a cyberattack last year. Court filings show at least four different plaintiffs have lodged a complaint against Doyon, Ltd., in Alaska District Court since mid-June, on behalf of…
Category: U.S.
CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch
By the end of yesterday, federal agencies should all have patched. But did they? And how many others have yet to patch? Bill Toulas reports: The U.S. Cybersecurity & Infrastructure Security Agency has confirmed active exploitation of the CitrixBleed 2 vulnerability (CVE-2025-5777) in Citrix NetScaler ADC and Gateway and is giving federal agencies one day…
Avantic Medical Lab hacked; patient data leaked by Everest Group
On June 10, the Everest Group added a listing for Avantic Medical Lab to its leak site, accompanied by a one-week countdown clock and four screenshots containing patient information as proof of the claims. When the attack first occurred, and whether Everest had contacted Avantic before June 10, is unknown to DataBreaches, but on June…
Integrated Oncology Network victim of phishing attack; multiple locations affected (2)
HHS added ten listings to its public leak site today, all of which are part of the Integrated Oncology Network (“ION”). See updates to 22 listings. According to its substitute notice, on May 9, ION concluded an investigation of a phishing incident that occurred between December 13 and December 16, 2024. The incident resulted in…
HHS’ Office for Civil Rights Settles HIPAA Privacy and Security Rule Investigation with Deer Oaks Behavioral Health for $225k and a Corrective Action Plan
In October 2023, Deer Oaks Behavioral Health in Texas disclosed a ransomware attack that affected 171,871 patients, which they discovered on September 1, 2023. LockBit3.0 claimed responsibility at the time and leaked data from the incident. Today, HHS OCR announced a settlement with Deer Oaks following an expanded investigation that had been opened after an…
Kentfield Hospital victim of cyberattack by World Leaks, patient data involved
While some of us were considering whether Hunters International was in the process of re-branding as World Leaks or not, World Leaks was busy adding a hospital to its leak site. Kentfield Hospital in California is a critical care hospital that specializes in treating patients with complex medical needs who require an extended period of…