Paul Bischoff reports on an issue DataBreaches.net and Jelle Ursem recently reported on: data being exposed because of code left in public repositories on GitHub (see our report about exposed protected health information in No Need to Hack When It’s Leaking). Bischoff writes that Comparitech researchers sought to find out how long it took hackers…
Ca: Two Telus Health medical service providers pay ransom after 60K client files accessed
David Paddon reports: The Medisys Health Group and its affiliate Copeman Healthcare say they paid an unspecified ransom to retrieve personal information for about 60,000 clients after detecting a security breach on Aug. 31. An email from Medisys head office in Montreal says privacy officials were notified Sept. 4, four days after the breach was…
SunCrypt ransomware group swears off medical entities, sets sights on cybersecurity firms
When the SunCrypt ransomware group opened a leak site where they listed victims who had not paid their ransom demands, they attracted public attention and demonstrated their ability to use the media to their advantage. BleepingComputer reported that SunCrypt operators had reached out to them to introduce themselves as part of the Maze cartel. Days…
Anthem agrees to pay $39.5M in latest settlement over 2015 hacking
John Russell reports: Anthem Inc. has agreed to pay a group of states $39.5 million to settle claims the health insurer failed to safeguard its data, a breach that led to a massive computer hacking in 2015 that compromised the private information of 78.8 million customers and former customers. The Indianapolis-based company announced the settlement…
Houston-area health organization says patients targeted in phishing incident
Amanda Cochran reports: Legacy Community Health announced Tuesday that some of its patients were victims of an email phishing incident. The organization said it had mailed letters to affected patients. In a news release Legacy did not disclose how many people at its 15 Houston-area locations were affected by the phishing incident, Read more on…
Data breach: Dfat reveals email addresses of vulnerable Australians stranded overseas
Margaret Simons reports: The private email addresses of hundreds of vulnerable Australian travellers stranded overseas have been accidentally revealed by the Department of Foreign Affairs and Trade. The addresses were included in an email sent to multiple recipients before midday on Wednesday by the Covid-19 consular operations section of Dfat. Read more on The Guardian.