Catalin Cimpanu reports: The personal details of more than 10.6 million users who stayed at MGM Resorts hotels have been published on a hacking forum this week. Besides details for regular tourists and travelers, included in the leaked files are also personal and contact details for celebrities, tech CEOs, reporters, government officials, and employees at…
A ‘stalkerware’ app leaked phone data from thousands of victims
Zack Whittaker reports: A spyware app designed to “monitor everything” on a victim’s phone has been secretly installed on thousands of phones. The app, KidsGuard, claims it can “access all the information” on a target device, including its real-time location, text messages, browser history, access to its photos, videos and app activities, and recordings of phone…
CA: VibrantCare Rehabilitation notifies patients after employee email account compromised
VibrantCare Rehabilitation in California recently notified 1,655 patients after an employee’s email account was accessed. They notified HHS on February 8 and posted this notice on their website: ABOUT THE INCIDENT VibrantCare Rehabilitation, Inc. (“VibrantCare”) is providing notice to individuals of an incident that may have affected the security of some information relating to certain…
United Regional sends letters to patients about information breach
News6 in Texas reports that United Regional Health Care System has disclosed an incident that occurred last July when someone accessed an employee email account. It was only in December that they first confirmed that patient information could have been accessed in the email account, even though there was no direct evidence that it had…
University of Washington Medicine patients file class action lawsuit over December 2018 leak
Amy Clancy has an update on a University of Washington Medicine breach that was disclosed in February 2019. The breach was a human error incident that resulted in more than 970,000 patients having their information exposed online for several weeks. Clancy reports that the breach has now led to a class-action lawsuit that could eventually…
Defense Information Systems Agency discloses breach
As posted by @bitsdigits on Twitter tonight: Just when you think the US Federal and Intelligence agencies were done being breached. This happens. DISA, the Defense Information Systems Administration has suffered a compromise of epic proportions. But here’s a notification for your troubles. The notification, dated February 11 and signed by Roger S. Greenwell,…