James Rundle reports: Payroll services provider UKG has agreed to settle a class-action lawsuit stemming from a cyberattack in 2021, capping a significant piece of litigation that emerged from the incident. A ransomware strike in December 2021 forced parts of UKG’s Kronos Private Cloud product offline, disrupting software that tracked employee hours during the Christmas holiday period….
UK: ‘Just a slap on the wrist’ for Gloucester council data breach which saw people’s data fall into hands of criminals
Carmelo Garcia reports: After months of chaos which saw data fall into the hands of cyber criminals from Russia who hacked into Gloucester City Council, the authority will “just get a slap on the wrist”. The authority was targeted by hackers in late 2021 and public services across Gloucester were severely disrupted during the following year. The…
UK: Sex abuse victim’s details could be among hundreds revealed by data breach
Bradley Jolly reports: A sex abuse survivor is one of “around 400” victims of a “chilling” data breach, it tonight has emerged. The London Mayor’s Office blunder, currently under investigation, involves complaints about policing in the capital being made wrongly accessible via an official website. The survivor of sexual abuse has described her distress tonight. The probe centres…
Hillsborough notifies 70,000 of potential data breach in health, aging services
C. T. Bowen reports: Hillsborough County has notified more than 70,000 people that a global data breach may have put their personal information at risk. The breach involved the MOVEit file transfer tool, a third-party service that complies with federal Health Insurance Portability and Accountability Act (HIPAA) regulations. The breach also may have affected 106…
Owner of BreachForums pleads guilty in federal court to three counts, including one involving child pornography
Update and note: After this post appeared and was posted on Mastodon, some people complained about the original headline, characterizing it as “clickbait.” That was not my intention. I was just trying to accurately describe what I saw as the most noteworthy part of the situation without mentioning either CSAM or CP in the headline…
Millions of personal records unprotected in flawed telemedicine application software
Rosie Talaga reports: QuickBlox, a software development framework used in telemedicine and finance, was found to have several critical security flaws, according to a joint study from computer and network security research firms Check Point Research and Claroty Team82 published July 12. QuickBlox’s video and chat features are commonly used in mainstream telemedicine applications and platforms. The…