Jonathan Greig reports: Nearly half a million people had their sensitive financial information leaked during a cyberattack on NCB Management Services – a company that purchases debt. The Pennsylvania-based company sent out breach notification letters last week after discovering the attack on February 4. In documents filed with Maine’s Attorney General, the company said 494,969 people had…
Category: U.S.
So you leaked data on BreachForums, but weren’t the hacker? Can you be prosecuted for leaking?
In the wake of the arrest of “Pompompurin,” BreachForums’ self-proclaimed owner and moderator, DataBreaches has been contacted by a number of anxious folks who want to know if they are at risk of being arrested for their own actions. Obviously, DataBreaches is not a lawyer or any kind of authority and can’t provide any assurances. …
Illinois Gastroenterology Group settles class action litigation for undisclosed sum
There has been a settlement in litigation stemming from a breach previously noted on DataBreaches. Without admitting guilt or wrongdoing, Illinois Gastroenterology Group has agreed to pay an undisclosed sum to settle claims from an October 2021 data breach first disclosed in April 2022. The incident involved unnamed threat actors accessing and exfiltrating data on…
A listing about a government victim disappeared from LockBit’s site. But why? (UPDATE1)
Update of March 28: It seems LockBit re-listed WCSO last night on their leak site and has dumped data from them, although the files do not seem to be downloading at this time. When an entity has been the victim of a cyberattack, they’d be smart not to discuss the attack via their email system…
A hospital went dark after it was hacked. It’s still reeling two years later
Farah Yousry reports the aftermath of a ransomware attack by Hive that was previously reported on DataBreaches in 2021: As the second year of the pandemic was nearing an end, employees at Johnson Memorial Health hoped they could catch their breath after dealing with a weeks-long tsunami of COVID-19 hospitalizations and deaths. But on a…
NYS Secures $200,000 from Law Firm for Failing to Protect New Yorkers’ Personal Data
NYS Attorney General Letitia James announced a settlement: New York Attorney General Letitia James secured $200,000 from the law firm, Heidell, Pittoni, Murphy & Bach LLP (HPMB) for failing to protect New Yorkers’ personal and healthcare data. HPMB’s poor data security measures made it vulnerable to a 2021 data breach that compromised the private information of approximately…