Jess Malcolm and Greg Brown report: One of Australia’s largest health networks that was the target of a cyber security breach has no idea whether hackers stole private medical data almost a week after the attack. St Vincent’s hospital on Monday confirmed it did not know whether sensitive health records had been taken, sparking concern the…
ProSmile issues breach disclosure that creates more questions than it answers
On December 22, ProSmile Holdings, LLC in New Jersey issued a press release about a data breach. If ProSmile — a dental service organization — is a business associate or otherwise covered under HIPAA, no report from them has shown up yet on HHS’s public breach tool. They write, in part: In July 7, 2022,…
Action against digital skimming reveals 443 compromised online merchants
Europol, law enforcement authorities from 17 countries and the European Union Agency for Cybersecurity (ENISA) have joined forces with the private sector partners, including Group-IB and Sansec, to fight digital skimming attacks. With the support of national Computer Security Incident Response Teams (CSIRT), the two-month action has enabled Europol and its partners to notify 443…
Clay County, Minnesota discloses ransomware attack in October
On December 22, Clay County published a notice on its website about a ransomware attack in October. According to its notice, on October 27, 2023, the county determined that its network had been impacted by a ransomware attack between October 23 and 26. The attack affected the electronic document management system (“CaseWorks”) hosted by Clay…
Cyber sleuths reveal how they infiltrate the biggest ransomware gangs
Conor James reports: When AlphV/BlackCat’s website went dark this month, it was like Chrimbo came early for cybersecurity defenders, some of whom seemingly believed law enforcement had busted one of the most menacing cyber criminal crews. The excitement lasted just five days, though, and its website is now back online, albeit in worse shape than…
Mint Mobile discloses new data breach exposing customer data
Lawrence Abrams reports: Mint Mobile has disclosed a new data breach that exposed the personal information of its customers, including data that can be used to perform SIM swap attacks. Mint is a mobile virtual network operator (MVNO) owned by T-Mobile, offering budget, pre-paid mobile plans. […] The customer data exposed in the breach includes:…