John Paul Titlow reports: Some patients at Jefferson Cherry Hill Hospital are being advised to keep an eye on their credit reports due to a potential data breach. The hospital started notifying select patients this week that their private data may have been compromised after a backup hard drive went missing from a DEXA scan…
Cuba Ransomware Deploys New Tools: Targets Critical Infrastructure Sector in the U.S. and IT Integrator in Latin America
Blackberry’s Research and Intelligence Team writes: BlackBerry has discovered and documented new tools used by the Cuba ransomware threat group. Cuba ransomware is currently into the fourth year of its operation and shows no sign of slowing down. In the first half of 2023 alone, the operators behind Cuba ransomware were the perpetrators of several high-profile…
Compliance: National Credit Union Administration issues letter on cyber incident reporting notification requirements
CUNA reports: NCUA issued a Letter to Credit Unions (23-CU-07) on the cyber incident notification requirements that go into effect Sept. 1. Credit unions will be required to notify the NCUA no later than 72 hours after the credit union reasonably believes it has experienced a reportable cyber incident or has received a notification from…
ShopBack fined S$74,400 for data breach of over a million users
Zhao Yifan reports a follow-up to an incident previously noted on this site. Ecommerce Enablers, which operates the online shopping service platform ShopBack, was fined S$74,400 for its failure to safeguard users’ personal data. The data breach incident happened on Sep 9, 2020 when a malicious threat actor accessed Ecommerce Enablers’ storage server with a…
NYC Finance Department Sent Every Employee Their Colleagues’ Personal Info
Yoav Gonen reports: The city Department of Finance inadvertently emailed a roster of all of its staff — containing home addresses, cell numbers and personal email addresses — to the agency’s roughly 1,800 employees in a botched test of its emergency notification system, THE CITY has learned. The snafu was accompanied by automated calls to…
TN: Cleveland City Schools face ransomware attack
Courtney Goins reports: Cleveland City Schools faced a ransomware attack this week, but it only affected a small number of devices. The school system said they became aware of the issue on Tuesday, August 15. An issue they say is affecting many other school districts as well. […] Sensitive information is secure offsite, and officials…