On July 30, 2021, DataBreaches.net reported on a claimed cyberattack against Sandhills Center in North Carolina. Data for sale had shown up on the “Marketo” site, and when DataBreaches.net looked at the “proof packs,” of data, they included psychological evaluations and other documents with personal and sensitive information. Much of the data was old, and…
Category: U.S.
Data breach at Coalinga State Hospital reveals private information on nearly 1,800 patients
KFSN reports: On Friday, the State Hospital Department announced a privacy breach at Coalinga State Hospital. Employees have improperly provided confidential information about approximately 1,800 patients now and in the past to the US District Court in the Eastern District of California, officials said. The breach occurred on July 21, 2013, October 12, 2016, and…
Before you leave for the holiday weekend, if you haven’t left already…
The government issued a warning this week reminding people that threat actors are likely to attack when entities are short-staffed due to weekends or holidays. Brett Callow posted an interesting graphic on Twitter that may help drive that point home: “What did you do last weekend, Mrs Ransomware Criminal?” “Oh, not much. I was busy…
Juniper Breach Mystery Starts to Clear With New Details on Hackers and U.S. Role
Jordan Robertson reports: Days before Christmas in 2015, Juniper Networks Inc. alerted users that it had been breached. In a brief statement, the company said it had discovered “unauthorized code” in one of its network security products, allowing hackers to decipher encrypted communications and gain high-level access to customers’ computer systems. Further details were scant,…
US farm loses $9 million in the aftermath of a ransomware attack
Catalin Cimpanu reports: A US farm lost a whopping $9 million due to a temporary shutdown of its farming operations following a ransomware attack earlier this year; the FBI said this week. The incident, which took place in January 2021 after hackers gained access to the farm’s internal network through compromised admin credentials, is part…
Industry lobbies Congress to extend notification timeline after cybersecurity incidents
Maggie Miller reports: Key industry groups on Wednesday pushed to give organizations at least three days to report cybersecurity incidents to the federal government, effectively opposing Senate legislation that would give them 24 hours to report breaches. Read more on The Hill.