Intel471 reports: On Feb. 11, 2025, a mysterious leaker going by the Telegram username ExploitWhispers released one year’s worth of internal communications between members of the Black Basta ransomware group on a Telegram channel. Black Basta is still active in a reduced capacity, but in 2022, it was the third most impactful ransomware group. Its members appeared to be experienced…
Data Breach Class Action Dismissed After ‘Alter Ego’ Doctrine Fails
Colleen Murphy reports that a potential class action lawsuit that relied on a legal strategy called the “alter ego doctrine” has been dismissed. Since DataBreaches is not a lawyer and has never heard of this doctrine before, Murphy’s coverage makes for an interesting read. She reports: A group of optical companies secured the dismissal of…
Criminal hacker known as ALTDOS, DESORDEN, GHOSTR and 0mid16B arrested
He called himself ALTDOS when he first contacted DataBreaches in 2020. In 2021 he started contacting this site as DESORDEN. Then in 2024, he contacted this site as GHOSTR, and more recently, as 0mid16B. Under each new moniker, he denied being the individual DataBreaches knew under previous monikers, even though based on his targets, his…
Imprisoned IRS Contractor Leaked Information of Over 400,000 Taxpayers
James Lynch reports: Imprisoned former IRS contractor Charles Littlejohn improperly leaked information of over 400,000 taxpayers, a far greater number than the agency previously disclosed. Acting IRS Commissioner Douglas O’Donnell wrote a letter to House Judiciary Committee Chairman Jim Jordan (R., Ohio) earlier this month notifying him that Littlejohn’s illegal disclosures impacted 405, 427 taxpayers,…
Medical Billing Vendor Sued Over Health Data Leak ‘Gold Mine’
Cassandre Coyer reports: Health-care billing company Medical Billing Specialists Inc. didn’t appropriately monitor its computer systems, failing to notice a data breach exposing swaths of its clients’ patient data, a proposed class action said. The provider didn’t follow its contractual requirements with medical providers, nor “industry standards, common law, and representations” it made about its…
Business Associate breaches account for the largest percentage of breached patient records
As time permits, DataBreaches will take a deeper look at some of the findings reported in the Bluesight 2025 Breach Barometer. This post concerns business associates. In September 2016, DataBreaches.net published its first cumulative attempt to look at business associate breaches in the healthcare sector. At the time, HHS did not have any way to…