WANE reports: The Indiana Department of Health announced Tuesday it is notifying nearly 750,000 Hoosiers that data from the state’s COVID-19 online contact tracing survey was improperly accessed back in July. The data included name, address, email, gender, ethnicity and race, and date of birth. “We believe the risk to Hoosiers whose information was accessed…
Category: U.S.
T-Mobile says at least 47M current and former customers affected by hack
Zack Whittaker reports: T-Mobile has confirmed that millions of current and former customers had their information stolen in a data breach, following reports of a hack over the weekend. In a statement, T-Mobile, which has more than 100 million customers, said its preliminary analysis shows 7.8 million current postpaid T-Mobile customers had information taken in the…
New details — and data — emerge from Eskenazi Health ransomware incident
On August 4, this site noted that Eskenazi Health in Indiana had reportedly gone on diversion protocols following an attempted ransomware attack. On August 9, the hospital reported that it was still on diversion but that no patient or employee data was affected by the attack – or at least as far as they could…
Secret terrorist watchlist with 2 million records exposed online
Ax Sharma reports: A secret terrorist watchlist with 1.9 million records, including classified “no-fly” records was exposed on the internet. The list was left accessible on an Elasticsearch cluster that had no password on it. Read more on BleepingComputer. The government wouldn’t respond to inquiries by BleepingComputer as to whether this was the government’s Terrorist Screening Center list, and whether…
Healthcare provider expected to lose $106.8 million following ransomware attack
Sometimes (but not always), breaches have steep consequences. Catalin Cimpanu reports: Scripps Health, a California-based nonprofit healthcare provider that runs five hospitals and 19 outpatient facilities, said it expects to lose an estimated $106.8 million following a ransomware attack that hit the organization in May 2021. “Operating revenues and operating expenses for the quarter ended…
Exclusive: Attack on HVAC vendor gave threat actor access to Boston Children’s Hospital
If you think about “supply chain attack” and “HVAC,” you will probably immediately think of the headline-making Target breach of 2013. But that wasn’t the only breach via a third-party HVAC vendor. Just this month, several hospitals in Boston may have narrowly escaped potentially serious breaches when their HVAC vendor was hacked and the threat…