On October 17, the FBI issued a Public Service Announcement, Cybercriminals are Targeting Plastic Surgery Offices and Patients. Five days later, DataBreaches learned that there had been another attack on a plastic surgery practice where patient data had allegedly been stolen and is in danger of being leaked publicly. It would not be surprising if…
The digital battlefront amid Israel-Hamas war includes hospitals
i24News reports a surge in anti-Israel cyberattacks, including targeting critical entities such as hospitals: Notably, around 40 to 50 different groups have claimed responsibility for approximately 400 cyber attacks against Israeli targets. The cyber conflict has also drawn in ‘hacktivists’ from countries such as Iran and Russia. Messing notes, that in the past few days…
Top US Cyber Agency Pushing Toward First Hack Reporting Rule
Skye Witley reports: A new US notification requirement for victims of malicious hacks could push in-house counsel to disclose cyberattacks when faced with ransomware and other network compromises. Among the first-ever cyber regulations to be enforced by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the top US cyber authority, the proposed rules…
‘Data security event’ in city’s email system may have exposed health information, Philly officials say
Nick Vadala reports: A potential data breach in the City of Philadelphia’s email system earlier this year may have exposed protected health information for an unspecified number of people. Read more at The Philadelphia Inquirer. It is not clear from what the city has disclosed why it took them almost 5 months from initial discovery…
Hackers Stole Access Tokens from Okta’s Support Unit
Brian Krebs reports: Okta, a company that provides identity tools like multi-factor authentication and single sign-on to thousands of businesses, has suffered a security breach involving a compromise of its customer support unit, KrebsOnSecurity has learned. Okta says the incident affected a “very small number” of customers, however it appears the hackers responsible had access…
D.C. Board of Elections revises its estimate of data breach — could be entire voter roll
The D.C. Board of Elections appears to have revised its estimate of how much data was accessible to a threat actor who listed it for sale on a dark web site. The listing had claimed to have 600k lines of voter registration records from the D.C. Board of Elections, but a preliminary statement by the…