DataBreaches.Net – Page 1094

CZ: Three weeks after ransomware attack, Olomouc continues to recover while still being threatened by threat actors

Posted on April 28, 2021 by chum1ng0

On April 9, DataBreaches.net noted a report that the municipality f Olomouc had suffered a cyber attack on April 7. There were almost no details other than the municipality estimated it might take two weeks to fully restore services. Since then, a few more details have emerged. We now know that it was the Avaddon…

Maine government website displayed mental health patients’ confidential information

Posted on April 28, 2021 by Dissent

Matthew Stone reports: A state agency displayed confidential information about patients of Maine mental health and addiction treatment agencies and group home residents on a public website, a Bangor Daily News review found. At least 20 documents on the Maine government website contained names and, in some cases, addresses, dates of birth and phone numbers,…

No need to hack if it’s leaking, Wednesday edition: Wyoming Department of Health

Posted on April 28, 2021 by Dissent

From the Wyoming Department of Health, a report involving another GitHub leak: Exposure of Laboratory Test Result Data Described April 27, 2021 The Wyoming Department of Health (WDH) is announcing a mistaken exposure of laboratory test result data involving the health information of thousands of Wyoming residents and others, as well as describing its plan…

Ransomware gang targets Microsoft SharePoint servers

Posted on April 28, 2021 by Dissent

Catalin Cimpanu reports: The group behind the attacks targeting SharePoint servers is a new ransomware operation that was first seen at the end of 2020. The group is tracked by security vendors under the codenames of Hello or the WickrMe ransomware—because of its use of Wickr encrypted instant messaging accounts as a way for victims to reach out and…

District Court in Third Circuit Confirms That, When it Comes to Data Breaches, Actual Misuse Must be Alleged

Posted on April 28, 2021 by Dissent

Aaron C. Garavaglia of Squire Patton Boggs writes: Every federal lawsuit requires standing for the court to have subject matter jurisdiction to hear the case, and standing requires an injury-in-fact. As seen from our coverage this morning out of the Second Circuit. In Derrick McCray v. John E. Wetzel & President, No. 3:20-cv-139, 2021 U.S. Dist. LEXIS…

Is It Ethical To Buy Breached Data?

Posted on April 27, 2021 by Dissent

Gary Stevens writes: Research that’s done on malicious breaches of data presents a unique conundrum for the security professionals who are doing the investigating: should access to sets of breached raw data become available to public users and, if so, how? In light of the pandemic, the acceleration toward location-distributed work has the potential to…