23andMe may try to blame the victims for their massive data breach, but how are they going to blame anyone for it taking them five months to detect the breach? Mariella Moon reports: In late 2023, genetic testing company 23andMe admitted that its customer data was leaked online. A company representative told us back then that the bad…
Interview with the Knight Group, the heir of Cyclops
Marco A. De Felice, aka amvinfe, writes: It happens very often nowadays to witness the sudden disappearance of ransomware groups that have been active for only a few months. In the last three years, we have counted at least twenty of them that have “vanished from the radar” of journalists and researchers. Some of these…
Russian TrickBot malware dev sentenced to 64 months in prison
Following up on the case of Vladimir Dunaev, a Russian national who was extradited to the U.S. from Korea in 2021 and pleaded guilty in December 2023 for his role in creating and distributing Trickbot malware, Sergiu Gatlan reports: Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for…
UK: South Tees Hospitals NHS Foundation Trust reprimanded for “serious, harmful” data breach
The Information Commissioner’s Office (ICO) has today announced it has reprimanded South Tees Hospitals NHS Foundation Trust for a data breach which resulted in a disclosure containing sensitive information to a unauthorised family member. In November 2022, a Trust employee sent a standard letter to inform the father of a patient of an upcoming appointment,…
Washington State Appeals Court to hear data breach lawsuit against Chelan Douglas Health District
KPQ reports: The Washington Appeals Court will hear a case from two people suing Chelan Douglas Health District over a security breach. The Health District reported a breach in July of 2021 but did not inform possible victims or the public until March 2022. The district said Social Security numbers, dates of birth or death,…
HPE: Russian hackers breached its security team’s email accounts
Lawrence Abrams reports: Hewlett Packard Enterprise (HPE) disclosed today that suspected Russian hackers known as Midnight Blizzard gained access to the company’s Microsoft Office 365 email environment to steal data from its cybersecurity team and other departments. Midnight Blizzard, aka Cozy Bear, APT29, and Nobelium, is a Russian state-sponsored hacking group believed to be part…