There is a follow-up to a 2014 breach reported on this site at the time. But it turns out there was an interesting twist to this case that HHS followed up. Here is their press release: Advanced Care Hospitalists PL (ACH) has agreed to pay $500,000 to the Office for Civil Rights (OCR) of the…
Category: U.S.
California-based professional employer organization hacked by TheDarkOverlord; thousands of employees’ files stolen
TheDarkOverlord (TDO) has been busy, it seems. In the past month or so, the hackers – who have seemingly managed to continue to evade capture by law enforcement – have revealed a number of hacks never previously disclosed by them. Earlier today, DataBreaches.net reported on TDO’s hack of Caribbean Island Properties. But at the same…
Emails of top House GOP officials stolen in major 2018 hack
Alex Isenstadt and John Bresnahan report: The House GOP campaign arm suffered a major hack during the 2018 election, exposing thousands of sensitive emails to an outside intruder, according to three senior party officials. The email accounts of four senior aides at the National Republican Congressional Committee were surveilled for several months, the party officials…
Medical Informatics sued by multiple states over 2015 breach
A 2015 hack of Medical Informatics stayed in the headlines for quite a while because it compromised the data, including health information, of 3.9 million people. In addition to suits filed by consumers, state attorneys general have also sued the business associate, as Dave Gong reports: Fort Wayne-based Medical Informatics Engineering Inc. failed to secure…
A popular Q&A website says hackers stole information on 100 million users
Saheli Roy Choudhury reports: Quora, the popular question-and-answer website, said Monday evening that hackers broke into one of its systems and compromised information from approximately 100 million users. CEO Adam D’Angelo said in a blog post the company discovered last week that a malicious third party had gained unauthorized access to one of its systems….
Misconfigured Locksmith Services web servers exposed sensitive information
Darryl Burke reports: On Wed Nov 23rd, we discovered a misconfiguration on the web servers of the company “Locksmith Services” which is a US based national dispatch service for Locksmiths. The misconfiguration on the website dispatchlogin.net exposed the; audio recording of calls, emails, customer contact information, photos of drivers licenses and passports, photos of credit…