Stacey Scott reports: The federal government has issued a warning to current and former public service employees, as well as members of the RCMP and Canadian Armed Forces, regarding a recent data breach that took place on October 19th. Officials have identified two companies, Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving…
A Hacker Faked His Own Death–Then Claimed To Have Sold Marriott Customer Data To Russians, FBI Says
Thomas Brewster reports: A hacker told the FBI earlier this year that he sold access to the personal data of Marriott hotel customers on a Russian forum, according to a search warrant obtained by Forbes. He also hacked into a number of U.S. state death certificate registration agencies in an effort to fake his own demise,…
UK: Former NHS secretary found guilty of illegally accessing medical records
A reminder of the insider threat: A former NHS employee has been found guilty and fined for illegally accessing the medical records of over 150 people. Loretta Alborghetti, from Redditch, worked as a medical secretary within the Ophthalmology department at Worcestershire Acute Hospitals NHS Trust when she illegally accessed the records. In June 2019, a…
Does claiming you were hacked when you had really just screwed up violate the FTC Act?
On November 12, DataBreaches published an OpEd, If entities continue to obfuscate and lie, it’s time to mandate more transparency in breach disclosures. Today, we post another example of why we need to legislate and enforce data breach notification laws that prohibit deceptive statements and mandate more disclosure when data has been leaked. This week,…
CEOs of Ontario hospitals hit by ransomware attack provide updates on impact and look for no ransom payment legislation
Jennifer LaGrassa reports: For the first time, top leadership from the five southwestern Ontario hospitals hit by a ransomware attack answered questions from the media — acknowledging the significant impact the incident has had on care, as well as the large amount of stolen data. During the roughly 50-minute meeting on Friday, each hospital CEO said their…
NoEscape gang continues to use DDoS to pressure reluctant victims to negotiate
Over on SuspectFile, Marco A. De Felice reports that the NoEscape ransomware gang is threatening to release 1.5 TB of data from PruittHealth Network. De Felice was unable to obtain any statements or responses from either PruittHealth or the threat actors, but notes that the threat actors claim to have attacked Pruitt on November 13…