PA reports: The Premier League club confirmed the hacking on 20th November and said it was not ‘aware of any breach of personal data associated with our fans and customers’. As of 26th November, club staff still did not have access to email, and some other functions were also unavailable. Read more on Sports Pro.
Personal data of 16 million Brazilian COVID-19 patients exposed online by Albert Einstein Hospital employee error
Today’s example of “no need to hack if it’s leaking,” Catalin Cimpanu reports: The personal and health information of more than 16 million Brazilian COVID-19 patients has been leaked online after a hospital employee uploaded a spreadsheet with usernames, passwords, and access keys to sensitive government systems on GitHub this month. Among the systems that had credentials…
Networking equipment vendor Belden discloses data breach
Catalin Cimpanu reports: American networking equipment vendor Belden said it was hacked in a press release published earlier this week. Belden says the security breach took place after hackers gained access to a limited number of its file servers. Read more on ZDNet.
Two more k-12 school districts allegedly hit by ransomware threat actors
Spring Independent School District in Houston, Texas is closed for Thanksgiving week, but I wonder if any of their staff are working anyway in response to a claimed ransomware attack by Egregor threat actors. There is no date on Egregor’s site to show when they claim to have locked up the district’s files. And they…
Canon publicly confirms August ransomware attack, data theft
Ionut Ilascu reports: Canon has finally confirmed publicly that the cyberattack suffered in early August was caused by ransomware and that the hackers stole data from company servers. BleepingComputer was the first to report the attack after tracking a suspicious outage on the cloud photo and video storage service (image.canon) that caused users to lose files. Read…
Service provider to fertility clinics discloses malware attack
A press release from US Fertility (“USF”) follows. The Center for Fertility and Gynecology in California is not listed among USF entities in the press release. I mention that because the Center for Fertility and Gynecology still has not posted anything on their site or issued any press release about a ransomware attack that NetWalker…