Bill Toulas reports: Flagstar Bank is notifying 1.5 million customers of a data breach where hackers accessed personal data during a December cyberattack. Flagstar is a Michigan-based financial services provider and one of the largest banks in the United States, having total assets of over $30 billion. Read more at Bleeping Computer.
Category: U.S.
Data allegedly from “Georgia Board of Education” up for sale on a forum?
Some data allegedly from the Georgia Board of Education was offered for sale on a hacking-related forum last week. But were they really from the state board of education? After DataBreaches started asking questions, the listing seems to have been removed. Last week, DataBreaches.net spotted a listing on a hacking-related forum that offered what was…
Ex-Amazon Cloud Worker Convicted of Capital One Hack
Robert Burnson reports: A former Amazon Web Services worker was convicted of hacking into the company’s cloud servers to steal customer data and computer power that she used to mine cryptocurrency. Following a week-long trial in Seattle, Paige A. Thompson, 36, was found guilty of seven federal crimes, including wire fraud, which carries a prison sentence…
Patient Radiology Files Accidentally Exposed Online by Yale New Haven Hospital
Yale New Haven Health in Connecticut has issued a statement concerning an error that exposed some patients’ files to the public between December 16, 2021 and April 18, 2022: New Haven, CT (June 17, 2022) –Yale New Haven Hospital (YNHH) today announced that a file created for research was unintentionally posted on a public facing…
Vallejo Woman, Tamara Manuel Sentenced to Over 3 Years in Prison for Wire Fraud and Identity Theft
Waqar Nawaz reports: Tamara Manuel, 52, of Vallejo, was sentenced today by U.S. District Judge Troy L. Nunley to three years and three months in prison for carrying out a fraudulent scheme that involved stealing the identities of severely disabled individuals to obtain federal tax refunds, U.S. Attorney Phillip A. Talbert announced. According to court…
IN : Schneck Medical Center sued over 2021 data breach
On September 29, 2021, Schneck Medical Center in Indiana announced that it had been the victim of a cyberattack. But it wasn’t until May, 2022, that the medical center began notifying what they characterized as a “limited number” of patients about the incident. As DataBreaches reported at the time, their notification left important questions unaddressed. …