I usually post items from EPIC.org over on PogoWasRight.org, but this one gets posted as a government breach on this site, too. In an unusual development, the White House directed EPIC this week to delete a set of records that EPIC recently obtained from the Office of Science & Technology Policy—a request which EPIC declined….
University of Utah notifying patients after phishing attack
Did University of Utah Health really have three phishing incidents this year? Maybe not. I was confused when I saw a new listing on HHS’s public breach tool this week. The incident, reported to HHS on July 20, reportedly affected 10,000 patients and involved PHI located in email. As such, it seemed to match an…
Hiscox Hack Suit Advances as Warden Grier Loses Dismissal Bid
Julia Weng reports: Hiscox Insurance Co. Inc. can move forward with claims against Warden Grier LLP, which lost a bid to dismiss allegations that fault the law firm’s handling of a hack that exposed the insurer’s data. Read more on Bloomberg. As reported on DataBreaches.net in 2018, thedarkoverlord (“TDO”) had started leaking what they claimed…
Blackbaud believes your data is safe from further misuse. Do you?
You may have seen a number of headlines from schools and non-profits disclosing that their students or donors’ information was impacted by a May, 2020 ransomware incident at UK software firm, Blackbaud. According to Blackbaud’s notice: Prior to our locking the cybercriminal out, the cybercriminal removed a copy of a subset of data from our…
A vigilante is sabotaging the Emotet botnet by replacing malware payloads with GIFs
Catalin Cimpanu reports: An unknown vigilante hacker has been sabotaging the operations of the recently-revived Emotet botnet by replacing Emotet payloads with animated GIFs, effectively preventing victims from getting infected. The sabotage, which started three days ago, on July 21, has grown from a simple joke to a serious issue impacting a large portion of the Emotet…
Keizer discloses costs of recovering from recent ransomware attack
When Keizer, Oregon was attacked in June with ransomware, the attackers demanded $48,000, and the city paid. Now Keizer Times reports that the costs of recovering city data and preventing future digital strikes have already exceeded $60,000. Among the costs, which will be detailed more at a later date: — To handle negotiations with the…