Bridgit Sullivan writes: Phobos is a type of Advanced Encryption Standard (AES) ransomware that was first seen in October 2017 but became increasingly active in 2019. Also referred to as Phobos NextGen or Phobos Not Dharma, Phobos ransomware is extremely similar to the Dharma and Crysis ransomware family due to the same Dharma codebase. It…
Proposed Amendment to the North Carolina Identity Theft Protection Act
Alexander Turner of Spilman Thomas & Battle, PLLC writes: In April 2019, with the introduction of House Bill 904, a bi-partisan effort was made to strengthen cyber security in North Carolina. H.B. 904 seeks to make North Carolina’s Identity Theft Protection Act one of the strongest in the nation by broadening the definition of what constitutes…
White House Tells EPIC to Delete COVID-19 Records, EPIC Declines
I usually post items from EPIC.org over on PogoWasRight.org, but this one gets posted as a government breach on this site, too. In an unusual development, the White House directed EPIC this week to delete a set of records that EPIC recently obtained from the Office of Science & Technology Policy—a request which EPIC declined….
University of Utah notifying patients after phishing attack
Did University of Utah Health really have three phishing incidents this year? Maybe not. I was confused when I saw a new listing on HHS’s public breach tool this week. The incident, reported to HHS on July 20, reportedly affected 10,000 patients and involved PHI located in email. As such, it seemed to match an…
Hiscox Hack Suit Advances as Warden Grier Loses Dismissal Bid
Julia Weng reports: Hiscox Insurance Co. Inc. can move forward with claims against Warden Grier LLP, which lost a bid to dismiss allegations that fault the law firm’s handling of a hack that exposed the insurer’s data. Read more on Bloomberg. As reported on DataBreaches.net in 2018, thedarkoverlord (“TDO”) had started leaking what they claimed…
Blackbaud believes your data is safe from further misuse. Do you?
You may have seen a number of headlines from schools and non-profits disclosing that their students or donors’ information was impacted by a May, 2020 ransomware incident at UK software firm, Blackbaud. According to Blackbaud’s notice: Prior to our locking the cybercriminal out, the cybercriminal removed a copy of a subset of data from our…