Zack Whittaker reports: Over the past year we’ve seen Uber’s former chief security officer convicted in federal court for mishandling a data breach, a federal regulator charge SolarWinds’ security chief with allegedly misleading investors prior to its own cyberattack and new regulations that compel companies to publicly reveal materially impactful data breaches within four business days. It might seem like it’s never…
HMSA member data possibly compromised after data breach
Emily Cervantes reports: Hawaii Medical Service Administration employee information may be compromised after their vendor partner fell victim to a cyber attack. In early Sept. 2023, HMSA’s health management service vendor, Navvis, announced they experienced a data privacy event that compromised the personal and protected health information for former and current employees. Navvis immediately launched…
Patient data hacked at Canberra medical centre
Steve Evans, and Lanie Tindale report: Hackers have broken into the medical records at Crace Medical Centre. An announcement to patients said: “unfortunately, our investigations have identified that patient data was accessed and taken from our systems by an unauthorised third party”. The hack happened on December 12 but patients were only texted early afternoon…
Cyberattack on Ukraine’s Kyivstar will cost parent Veon almost $100 million in sales
Reuters reports: Veon, the parent company of Ukraine’s largest mobile operator Kyivstar, will take a hit of around 3.6 billion hryvnias ($95 million) in revenue in 2024 due to a massive cyberattack in December, the Dutch telecoms group estimated on Thursday. The estimated lost revenue is associated with measures Kyivstar has taken to compensate customers…
Inside the Massive Naz.API Credential Stuffing List
Troy Hunt writes: It feels like not a week goes by without someone sending me yet another credential stuffing list. It’s usually something to the effect of “hey, have you seen the Spotify breach”, to which I politely reply with a link to my old No, Spotify Wasn’t Hacked blog post (it’s just the output of a…
Cloud Vendor Returns North Star Health Alliance Data Stolen and Stored by LockBit
Marianne Kolbasuk McGee reports: A cloud services firm has turned over to a New York hospital alliance the patient data stolen in an August ransomware attack by the notorious LockBit gang. The hospital group – North Star Health Alliance – had filed a lawsuit against LockBit in November as a legal maneuver to force the…