Margot Patrick reports: Equifax’s (EFX) U.K. arm was fined around $13.6 million Friday for failing to protect the data of millions of British customers in a 2017 hack of the credit-reporting company. The British arm outsourced customer-data processing to the U.S., and then failed to manage or monitor data security, the Financial Conduct Authority said. Read…
FBI and CISA Release Update on AvosLocker Advisory
The AvosLocker ransomware leak site has not been seen for months, but the government is providing an update on them based on its investigations as recently as May 2023. In May, DataBreaches reported on the Bluefield College breach by an affiliate of Avos. Because AvosLocker is RaaS, it’s possible that it is still active but…
Queensland agencies to face mandatory data breach reporting
Judy Skatssoon reports: Queensland is set to join NSW as the only other Australian state to introduce a mandatory data breach notification scheme. The state government says the Information Privacy and Other Legislation Amendment Bill 2023, introduced on October 12, contains reforms aimed at improving the accountability of government agencies and boosting privacy protections in…
How Vermont’s largest hospital now protects patient info 3 years after ransomware attack
Cam Smith reports: Nearly three years after Vermont’s largest hospital fell victim to a ransomware attack, hospital officials say they’ve made progress toward better systems to protect patient information. During the breach, nearly 1,300 servers were compromised on more than 5,000 devices across the UVM Health Network. Hospital officials say while no patient or employee…
Ransomware group starts leaking data allegedly from NJ cardiology consultants group
On September 23, DataBreaches reported that the NoEscape ransomware gang had added Mulkay Cardiology Consultants (Mulkay) in New Jersey to their leak site with a date of September 2. At the time, they claimed to have successfully encrypted them and exfiltrated 60 GB of files. “We have 60GB of confidential and personal data on more…
Seattle Housing Authority allegedly compromised by ransomware gang
The NoEscape ransomware site claims to have successfully compromised the Seattle Housing Authority (SHA). In a post on their leak site, they claim to have encrypted the SHA’s main servers and exfiltrated 158 GB of data. ” we have 400,000 confidential files,” they claim, including, they write: Confidential Privacy Act Data! Confidential agreements and contracts,…