The Federal Trade Commission charged that the genetic testing firm 1Health.io left sensitive genetic and health data unsecured, deceived consumers about their ability to get their data deleted, and changed its privacy policy retroactively without adequately notifying and obtaining consent from consumers whose data the company had already collected. As part of a proposed settlement with the…
Category: U.S.
Iowa’s largest school district confirms ransomware attack, data theft
Sergiu Gatlan reports: Des Moines Public Schools, Iowa’s largest school district, confirmed today that a ransomware attack was behind an incident that forced it to take all networked systems offline on January 9, 2023. While the school district also received a ransom demand following the attack from an unnamed ransomware group, the ransom has not…
16,000 Vermont health insurance customers affected by Fortra/GoAnywhere breach, more than previously known
DataBreaches continues to keep an eye out for reports on how the Fortra/GoAnywhere breach affected the healthcare sector. Here’s another report, this one by Tiffany Tan: The personal information of at least 16,000 Vermont health insurance customers was stolen in a cyberattack in January — more than twice the number originally reported. The affected people…
Microsoft admitted it was targeted in a cyber attack claimed by a Russian-linked group called Anonymous Sudan
Ananya Bhattacharya reports: The disruptions to Microsoft’s services earlier this month were indeed the result of hacks, the software giant has admitted. In a blogpost Friday (June 16), the Redmond, Washington-based tech behemoth attributed the “surges in traffic against some services that temporarily impacted availability” to the “ongoing DDoS activity by the threat actor that Microsoft tracks…
BlackCat claims they hacked Reddit and will leak the data
As if Reddit wasn’t already having serious issues these days, they have allegedly been hacked by AlphV (aka BlackCat), who write: Operators broke into Reddit on February 5, 2023, and took 80 gigabytes (zipped) of data. Reddit was emailed twice by operators, once on April 13 and one again on June 16. There was no…
US Energy Dept gets two ransom notices as MOVEit hack claims more victims
Reuters reports: WASHINGTON: The U.S. Department of Energy got ransom requests from the Russia-linked extortion group Cl0p at both its nuclear waste facility and scientific education facility that were recently hit in a global hacking campaign, a spokesperson said on Friday. The DOE contractor Oak Ridge Associated Universities and the Waste Isolation Pilot Plant, the…