Christopher Brown reports: Court Ventures Inc. properly beat a suit alleging it failed to notify victims of a security breach that it became aware of only after its sale to Experian Data Corp., a California appellate court ruled. Former owners of computerized data containing personal information aren’t required to provide notice of a breach under the…
Law Firm Hack Affects Victims of an Earlier Breach Again
Marianne Kolbasuk McGee reports: A global law firm is notifying nearly 153,000 individuals of a hacking incident that compromised several client files. The files contained sensitive personal information and affects vision care patients who had been victims of a breach three years ago. Orrick, Herrington & Sutcliffe on July 20 reported the data breach to…
Umbreon Unplugged: Unraveling the Sequel to Failures
On June 23, DataBreaches published the first of a series of interviews with Pepijn Van der Stap, aka “Umbreon.” Van der Stap, 21, was arrested in January and remains in detention, awaiting trial on charges that include hacking, data exfiltration, extortion, sale of stolen data, and money laundering. At the end of the first article,…
More plastic surgery patients have their nude photos and information leaked
An unknown party or parties who created a leak site with nude photos and medical records of a well-known plastic surgeon’s patients have uploaded more of his patients’ photos and records. In what was their third update to the leak site since June 5, those responsible wrote that they have changed their strategy. Before publishing…
Pointed to a phishing campaign targeting the healthcare sector, Microsoft leaps into action to … not even investigate?!
The relaxing Sunday I was looking forward to did not quite work out as planned. Dutch researcher and all-around good-guy Jelle Ursem (aka @SchizoDuckie) got in touch with me about what appeared to him to be a sketchy site allegedly by a well-known prescription management entity. After a few minutes of checking, there was no…
Norwegian ministries hit by cyberattack
The Norwegian Government Security and Service Organisation (DSS) has detected a cyber-attack on the ICT platform used by 12 ministries. The matter is currently being investigated by the police. “We are taking this incident very seriously. The Norwegian Government Security and Service Organisation (DSS) is cooperating closely with the National Security Authority (NSM) and the…