Zack Whittaker covers a data leak first reported by BleepingComputer. You can read TechCrunch’s report on the incident here.
AllyAlign notifies 76,348 members and providers of ransomware attack
AllyAlign Health (AAH), a Medicare Advantage special needs plan administrator, recently notified 76,348 members and providers of an attempted ransomware attack. But how successful were the threat actors? And what could the Virginia firm figure out and what couldn’t they figure out based on their investigation? According to AAH’s notification letter, the attack occurred on…
UK Reputation Risk Intelligence Company Left 30TB Server Exposed
WizCase researchers recently revealed that a U.K. analytics firm, Polecat, left 30TB of data and billions of records exposed on an elasticsearch server that was not secured. WizCase reports: Polecat, which successfully predicted the outcome of the 2016 US Presidential Election, had potentially conducted a similar set of research less than a week before the…
Ca: Snooping employee showed interest in pregnant women’s medical records, says lawyer
A years-old privacy breach at Central Health has had a particular impact on pregnant women and new parents, says a St. John’s lawyer who is filed a class-action lawsuit. Bob Buckingham says a disproportionate number of calls to his office regarding the breach are from people who say medical records relating to their pregnancies were…
Ripe for extortion? Navajo Nation hospital targeted by large-scale ransomware hack
Kevin Collier has a follow-up on the Rehoboth McKinley Christian Health Care cyberattack first reported by DataBreaches.net on February 16. From Collier’s reporting, it seems that those impacted by the breach have yet to be notified. As I’ve advocated many, many times: when PII or PHI are publicly dumped by criminals, taking 60 days to…
PA: Millersville University confirms external cyber attack on network
Millersville University confirmed that on Sunday, February 28 they received an external attack on their network. The external attack on the university’s network caused in-person and virtual classes to be canceled on Monday and Tuesday. Read more on CBS21. They are hoping that because the personally identifiable information on the server was encrypted, it might…