Lawrence Abrams reports: Threat actors are now installing a new ransomware called ‘DEARCRY’ after hacking into Microsoft Exchange servers using the recently disclosed ProxyLogon vulnerabilities. Since Microsoft revealed earlier this month that threat actors were compromising Microsoft Exchange servers using new zero-day ProxyLogon vulnerabilities, a significant concern has been when threat actors would use it to…
Hackers Rushed in as Microsoft Raced to Avert Mass Cyber-Attack
Kartikay Mehrotra and Alyza Sebenius report that the timing of the attacks exploiting vulnerabilities in Microsoft Exchange right before Microsoft could push patches out has Microsoft considering whether there was some leak that alerted the hackers: Microsoft is now investigating the possibility of a leak that may have triggered these mass Exchange compromises ahead of…
Overseas Service Corporation notification of a breach
Another report we may not see on HHS’s public breach tool but that involves health information. This reads like it is a notification to employees based on the types of data involved, but it doesn’t actually say who the breach impacted. Overseas Service Corporation (“OSC”) announced today a phishing email incident that involved a small…
Fastway Couriers Notifies Irish Data Protection Commission of a Hack
Ciara Plunkett reports: The Irish Data Protection Commission says it’s received a breach notification from Fastway Couriers. The customer data impacted includes: names, addresses, email accounts and phone numbers, but the company says nobody’s financial data was at risk. Read more on KFM. Updated March 13: NewsTalk has some more details: The company has confirmed…
AU: Victoria privacy breach of vulnerable youth data
Joseph Brookes reports: A youth case worker stood down from a Victorian health department service provider on suspicion of accessing child pornography continued to access sensitive information about clients for months afterwards, according to a data breach inquiry into the incident. Failings in the department’s privacy protections meant the man – who was also subject to…
Personal information of over 50,000 Premier Diagnostics customers exposed on unsecured server
Diego Romo reports: A Consumer privacy watchdog, “Comparitech,” found that Lehi based company Premier Diagnostics was storing sensitive customer information on a publicly accessible server, leading to a potential data breach for over 50,000 customers. “This data could be in anyone’s hands now,” said Paul Bischoff, editor of comparitech.com. “So, your ID and your medical card are probably…