Jeremiah Fowler reports: The publicly exposed database contained 2,363,222 documents in.PDF and.PNG formats with a total size of 92.3 GB. These included reservations, injury waivers, and receipts with partial credit card numbers and transaction details. Additionally, there were digital gift cards with no expiration date, source images for websites and templates. I immediately sent a…
Category: U.S.
Indiana Attorney General Files Suit Against Apria Healthcare
Attorney General Todd Rokita is filing a lawsuit on behalf of the people of Indiana against Apria Healthcare LLC for a massive data breach that impacted at least 42,000 Hoosiers and 1.8 million people nationwide. Apria is a provider of home healthcare equipment and related services across the United States. Apria provides medical equipment to over…
41 State Attorneys General tell Meta to do better in preventing and mitigating account takeovers
A coalition of state attorneys general have sent a letter to Meta asking them to do more to help users whose accounts have been hacked or taken over. The letter to Meta’s Chief Legal Officer begins: Dear Ms. Newstead: We, the undersigned attorneys general (the “State AGs”), write to request immediate action to address the…
South St. Paul Public Schools investigating potential cybersecurity threat
Maraya King reports: South St. Paul Public Schools alerted families this week to an ongoing technology disruption that is being investigated. Staff and families were notified Monday of technical difficulties “that may disrupt certain services” like online platforms, emails and other digital services. On Tuesday the district said it had been made aware of “unauthorized activity within…
Fraudster’s fake data breach claims should remind media to be careful what we report
Over the past few weeks, DataBreaches had occasionally checked a dark web leak site by an individual or group called “Mogilevich.” However, DataBreaches didn’t report on any of their claimed victims because the site and the claims seemed sketchy and there was no confirmation. DataBreaches will not name and shame those sites or outlets that…
Developing: AlphV allegedly scammed Change Healthcare and its own affiliate (1)
Developing: Someone claiming to be an “affiliate plus” for AlphV claims they were responsible for the Change Healthcare attack but that AlphV stole the payment Change Healthcare had made and suspended the affiliate’s account. The affiliate’s claims appeared on Ramp Forum and have been circulating since then. The post can be seen below, via @vx-underground:…