On December 28, DataBreaches published snippets from a chat with a threat actor (TA) who claimed to have involvement with both the Fred Hutch cyberattack and the Integris cyberattack. In the course of that exchange, the TA surprised DataBreaches by claiming that they had threatened Fred Hutch with swatting patients. From DataBreaches’ previous reporting: “So…
Category: U.S.
NYS announces $8 Million Penalty Against Genesis Global Trading, Inc. After DFS Investigation Finds Significant Failings in Anti-Money Laundering and Cybersecurity Programs
January 12, 2024 New York State Department of Financial Services (DFS) Superintendent Adrienne A. Harris today announced that Genesis Global Trading, Inc. (“Genesis Global Trading”) will pay an $8 million penalty to New York State for compliance failures that violated DFS’s virtual currency and cybersecurity regulations and left the company vulnerable to illicit activity and…
Fertility Test Lab Will Pay $1.25M to Settle Breach Lawsuit
In 2021, Quest-owned ReproSource Fertility Diagnostics disclosed a ransomware attack in August potentially affecting 350,000 patients. One month after disclosure, they were sued. Now Marianne Kolbasuk McGee reports that there is a settlement. A Massachusetts federal court preliminarily approved the proposed settlement on Wednesday. The proposed class action litigation, which consolidated two similar lawsuits against…
US School Shooter Emergency Plans Exposed in Raptor Technologies Data Leak
Matt Burgess reports: Thousands of emergency planning documents from US schools—including their safety procedures for active shooter emergencies—were leaked in a trove of more than 4 million records that were inadvertently made public. Last month, security researcher Jeremiah Fowler discovered 800 gigabytes of files and logs linked to school software provider Raptor Technologies. The firm…
Erie VA Medical Center says it regrets veteran info disclosure
Keith Gushard reports: The Erie VA Medical Center says it regrets any preventable disclosure of sensitive veteran information and takes appropriate action to inform and protect impacted individuals as quickly as possible. The statement, issued Monday, comes almost eight full weeks after a printing error was discovered about the potential disclosure of limited information that…
Former Executive Sentenced to Probation for HIPAA Violation
Steve Alder reports: Mark Kevin Robison, a former vice president of Commonwealth Health Corporation (now Med Center Health) in Kentucky has been sentenced to 2 years’ probation and ordered to pay $140,000 in restitution after reaching a plea agreement with federal prosecutors over a HIPAA violation. Robison pled guilty to knowingly disclosing the protected health…