Something seems to be up — or down, to be more accurate. BreachForums clearnet and onion sites are down, with the clearnet site returning a “502- Bad Gateway” response. A WhoIs lookup for BreachForums.st shows the name servers as ddos-guard.net. That is the domain used by ShinyHunters for the forum, so the government does not…
RansomHouse: investigation and findings by Analyst1
Analyst1 has published a report on RansomHouse: RansomHouse: Stolen Data Market, Influence Operations & Other Tricks Up the Sleeve. The Executive Summary of the report by Anastasia Sentsova begins: This research aims to identify connections between RansomHouse, and other groups based on the investigation of multiple crossclaims of victims. Emerging after the Babuk source code…
70,000 Adventist Health Tulare patients being notified of HIPAA breach by payment collections associate
Adventist Health Tulare has issued a press release about a breach at a business associate in Nebraska. The June 7 press release states, “A data security incident was recently discovered by Signature Performance, an agency working on behalf of Adventist Health Tulare to collect payment for services.” Their investigation determined that an unknown party accessed…
Christie’s discloses cyberattack in May
Most of us have probably never placed a bid at the high-end Christie’s auction house. But 45,798 people are being notified of an attack on Christie’s system between May 8 and May 9 of this year. During the attack, some files were copied. Because Christie’s deals in fine art and antique auctions as well as…
What Snowflake isn’t saying about its customer data breaches
Zack Whittaker reports: Snowflake’s security problems following a recent spate of customer data thefts are, for want of a better word, snowballing. After Ticketmaster was the first company to link its recent data breach to the cloud data company Snowflake, loan comparison site LendingTree has now confirmed its QuoteWizard subsidiary had data stolen from Snowflake. “We…
Frontier Communications Hack Ensnares 750,000 Customers, SSNs Stolen
Michael Kan reports: April’s cyberattack on internet service provider Frontier Communications enabled hackers to steal Social Security numbers for 750,000 users. In a data breach notice sent to Maine’s attorney general, the ISP says the incident affected 751,895 people. The company is preparing to send out data breach notifications to affected consumers as the hacking group allegedly responsible…