In August 2020, DataBreaches reported that the Maze ransomware gang had added Ventura Orthopedics to their name-and-shame leak site. At the time, Ventura did not respond to inquiries about whether they would confirm or deny the claims. And they did not respond to other inquiries from DataBreaches when the Conti ransomware gang subsequently listed 1,850…
Jeffco Public Schools hit by the same threat actors that hit Clark County School District — and via the same way
How many school districts have to get massively hacked by the same method before the U.S. Department of Education, CISA, and states start really pressuring public school districts to address well-known vulnerabilities that are being exploited? Maybe that shouldn’t be a rhetorical question. Last night, DataBreaches was contacted by the same threat actors who claimed…
AU: ‘Curious’ pharmacist spied on patient records at The Alfred
Lachlan Abbott reports: About 7000 Alfred Health patients are victims of a privacy breach after a pharmacist working at Victoria’s leading trauma hospital accessed personal medical records without authorisation. Alfred Health wrote to every patient affected in a letter sent on Monday, seen by The Age, which said the pharmacist was dismissed after an investigation, launched…
Boeing Confirms ‘Cyber Incident’ from LockBit Hacking Group
Rojoef Manuel reports: Boeing has confirmed a “cyber incident” in its parts and distributions business days after a ransomware group published threats against the company. The acknowledgment came after LockBit hackers said on Friday they had tapped “a tremendous amount” of classified data from Boeing that would be leaked online if the company does not…
NY Financial Regulator Rolls Out Updated Cybersecurity Standards
Skye Witley reports: New York regulators assigned heightened cybersecurity requirements to banks, insurers, and financial services providers based in the state with the release of finalized rule amendments Wednesday. Covered entities will have to use multifactor authentication, expand cybersecurity governance duties, and conduct consistent threat testing under the regulation updated by the New York Department of Financial…
Okta hit by third-party data breach exposing employee information
Bill Toulas reports: Okta is warning nearly 5,000 current and former employees that their personal information was exposed after a third-party vendor was breached. Okta is a San Fransisco-based cloud identity and access management solutions provider whose Single Sign-On (SSO), multi-factor authentication (MFA), and API access management services are used by thousands of organizations worldwide….