Ionut Ilascu reports: Three more high-profile databases are being offered for sale by the same group claiming the Tokopedia and Unacademy breaches, and the more recently reported theft of Microsoft’s private GitHub repositories. Going by the name Shiny Hunters, the group is now selling user records from meal kit delivery service HomeChef, from photo print service ChatBooks, and Chronicle.com, a…
US Marshals says prisoners’ personal information taken in data breach (updated)
Zack Whittaker reports: A data breach at the U.S. Marshals Service exposed the personal information of current and former prisoners, TechCrunch has learned. A letter sent to those affected, and obtained by TechCrunch, said the Justice Department notified the U.S. Marshals on December 30, 2019 of a data breach affecting a public-facing server storing personal…
Iran-linked hackers recently targeted coronavirus drugmaker Gilead – sources
Jack Stubbs and Christopher Bing report: Hackers linked to Iran have targeted staff at U.S. drugmaker Gilead Sciences Inc in recent weeks, according to publicly-available web archives reviewed by Reuters and three cybersecurity researchers, as the company races to deploy a treatment for the COVID-19 virus. Read more on Reuters.
Ohio medical center notifies patients after online spread sheet exposed protected health information
The following is a press release. A substitute notice also appears on the entity’s website. May 6 — Ashtabula County Medical Center (“ACMC”) announced today that it has become aware that it inadvertently exposed the health information of a limited number of patients to the public in January, 2020. ACMC learned of this problem in…
FTC May Change Obscure Data Breach Rule In Telehealth Era
Ben Kochman reports: The Federal Trade Commission said Friday that it is considering changing a decade-old, little-used rule that requires certain companies handling health information to publicly report data breaches — and which could gain new relevance as consumers increasingly turn to telehealth. The consumer protection agency says it is soliciting comments on whether it should make…
Lurie Children’s sued over patient information breach
Mitch Dudek reports: A mother is suing Lurie Children’s Hospital and two former employees who allegedly accessed the medical records of her 3-year-old daughter, who underwent a sexual abuse examination at the hospital early last year. The mother received a letter from the hospital in late December informing her a nursing assistant had been accessing…