Catalin Cimpanu reports: The US Federal Bureau of Investigations has published today its first-ever public advisory detailing the modus operandi of a “ransomware affiliate.” A relatively new term, a ransomware affiliate refers to a person or group who rents access to Ransomware-as-a-Service (RaaS) platforms, orchestrates intrusions into corporate networks, encrypt files with the “rented ransomware,”…
Category: U.S.
UT: Phishing attack exposes medical information for 12,000 patients at Revere Health
Sean Hemmersmeier reports: A healthcare employee was the subject of a phishing email attack that exposed some medical records for approximately 12,000 patients, including patients of cardiology practice in St. George, according to a press release sent out by healthcare company Revere Health on Friday. The employee’s email was breached for roughly 45 minutes on…
Chico State Students React to COVID-10 Vaccination Data Breach
Carmela Karcher reports: A data breach at Chico State University exposed the personal information of students who requested COVID-19 vaccination religious exemptions. According to the Associated Press, the information was posted on an anonymous internet message board and leaked records for about 130 students. Read more on CBS12. It’s not clear how this data got…
Atlanta Allergy & Asthma first mails notices to patients; data was dumped back in March
On March 3, DataBreaches.net reported that Atlanta Allergy & Asthma had apparently been compromised by Nefilim threat actors, who had dumped more than 2 GB of patient-related files on a dedicated leak site. DataBreaches.net not only reported that, but provided a redacted screencap and noted that this site had reached out to the covered entity…
U.S. State Department recently hit by a cyber attack – Fox News
Reuters reports: The U.S. State Department was recently hit by a cyber attack, and notifications of a possible serious breach were made by the Department of Defense Cyber Command, a Fox News reporter tweeted https://bit.ly/3z7RTH7 on Saturday. It is unclear when the breach was discovered, but it is believed to have happened a couple of…
Morgan Stanley names vendor in data security case
Colin Staub reports: Morgan Stanley has identified the data center decommissioning provider it claims was responsible for a data-breach incident, which led to lawsuits and a $60 million penalty against the financial giant. The bank was named as a defendant in several class-action lawsuits last, after customer information was mismanaged during 2016 and 2019 computer…