On June 20, DataBreaches.net reported that The Woodruff Institute in Florida had been attacked by “Grief” threat actors. At that time, the threat actors had dumped some files concerning business operations from the multi-location plastic surgery and dermatology practice, but other than about 50 laboratory test result reports for patients, there was not a tremendous number…
More than four months after DarkSide attack, Guess notifies individuals of breach
In April, DataBreaches.net reported a chat with DarkSide threat actors. As part of that report, this site noted that Guess, the well-known clothing and accessories retailer, had been attacked in February and listed on the DarkSide threat actor’s dedicated leak site. DataBreaches.net had looked at the proof of claim that DarkSide had posted and described…
China’s Shenzhen City Enacted Regional Data Regulation
Manuel Torres and Zhang, Dun of Garrigues write: Shenzhen, the leading financial and production center for China and home of many Chinese internet and tech giants such as Huawei, Tencent and DJI, enacted its regional data protection law, ‘Data Regulation of the Shenzhen Special Economic Zone’ (Shenzhen Data Regulation) on June 29, 2021. Shenzhen Data…
HHS warns entities; patients file potential class action lawsuit over PACS breach
HHS recently issued an alert about a known vulnerability allowing access to some picture archiving communications systems (PACS). The vulnerability had been reported two years ago, and again months later, and there had been updated alerts since then. HHS is advising entities to address this as a priority now if they have not done so…
Malware abuses OBS live-streaming software to record victims’ screens
Catalin Cimpanu reports: Security researchers have uncovered a new malware strain that uses the popular OBS Studio live-streaming app to record and broadcast the screen of its victims to attackers. Named BIOPASS, this malware is a remote access trojan (RAT) coded in Python that was spotted in recent attacks targeting online gambling companies in China. Discovered…
Ten Long Island Residents Charged in Nationwide Identity Fraud Scheme
From the Law Firm Newswire: Thirteen people and three corporations were charged on a 108-count indictment in relation to a nationwide synthetic identity fraud scheme that netted over $1 million from financial institutions. Authorities believe the defendants also amassed a credit limit of hundreds of millions of dollars across the United States. The scam’s alleged…