WASHINGTON — Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Wuhan Xiaoruizhi Science and Technology Company, Limited (Wuhan XRZ), a Wuhan, China-based Ministry of State Security (MSS) front company that has served as cover for multiple malicious cyber operations. OFAC is also designating Zhao Guangzong and Ni Gaobin, two Chinese nationals affiliated with Wuhan XRZ,for…
Major credit bureau slapped with enforcement notice for data breach in South Africa
Jan Vermeulen reports: The Information Regulator has slapped credit bureau TransUnion with an enforcement notice following a data breach on 18 March 2022. N4ugthySecTU, the group that claimed responsibility for the attack, alleged that they exfiltrated 4TB of data from one of TransUnion’s databases, including the records of 54 million South Africans. However, the bureau said far…
System Status Note
On March 8, DataBreaches experienced a massive DDoS attack. At the time, I thought all posts had been restored and it was just a question of reuploading images. After hearing from researchers who cannot find old posts, however, it seems that yes, there are likely many old posts that did not get reuploaded and some…
Commonwealth Healthcare Corporation breached, patient data involved
A new leaksite appeared this past week that appears to have been created for one particular incident. The notice begins: Dear Visitor of Commonwealth Healthcare Corporation LEAK website: We regret to inform you that Commonwealth Healthcare Corporation has experienced a complete data breach from its internal servers. This includes the data of all patients, medical…
OK: Emergency Medical Services Authority notifies patients of hacking incident
Terré Gables of KFOR reports: Emergency Medical Services Authority (“EMSA”) says, it has identified suspicious activity in its IT network and is mailing letters to patients whose information may have been involved. According to EMSA, on February 13, 2024, EMSA identified suspicious activity in its IT network. EMSA immediately initiated its incident response protocols, which involved…
American Renal Associates patients affected by ransomware attack
Marco A. De Felice reports: The American Renal Associates (now known as Innovative Renal Care), with over 230 locations across the United States, has become the latest victim in the clinical-hospital sector of a ransomware attack. Recently, the Medusa group has made thousands of PHI and PII data stolen from the company’s servers on March 2nd publicly available on…