Here’s one I missed while dealing with the DDoS, but let’s get caught up. The Canadian Press reported: An RCMP investigation has revealed a possible privacy breach for thousands of employees who worked or work at the health authority in British Columbia’s Interior. Interior Health says police contacted them in January about finding a document that…
Indiana Attorney General Files Suit Against Apria Healthcare
Attorney General Todd Rokita is filing a lawsuit on behalf of the people of Indiana against Apria Healthcare LLC for a massive data breach that impacted at least 42,000 Hoosiers and 1.8 million people nationwide. Apria is a provider of home healthcare equipment and related services across the United States. Apria provides medical equipment to over…
System Status Note
Yesterday, DataBreaches.net was hit with a massive DDoS attack that also affected PogoWasRight.org. DataBreaches.net is now back online: all the posts are back up, and media files are in the process of being reuploaded. PogoWasRight will be back online by the end of tomorrow. Thank you to everyone who reached out to me because they…
Banning Ransom Payments: Calls Grow to ‘Figure Out’ Approach
Mathew J. Schwartz reports: How might banning ransomware victims from paying a ransom to their attacker work in practice? As ransomware groups are causing massive damage and disruption and showing no signs of stopping, Ciaran Martin, the former head of Britain’s National Cyber Security Center, said “it’s time to figure out how to make a ransomware payments…
Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard
From a new blog post by Microsoft: In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access. This has included access to some of the company’s source code repositories and internal systems. To date we have found…
UniCredit hit with £2.3 million fine for data breach
FinExtra reports: UniCredit, Italy’s second-largest bank, has been fined €2.8 million (£2.3 million) by the country’s data protection authority over 2018 data breach case. The 2018 cyber attack on the bank’s mobile banking platform impacted the data over 750,000 customers. The sanction, announced on Thursday, is a reminder that “banks must take all necessary technical…