Seen on haveibeenpwned.com: 1,476,783 accounts dumped: In February 2016, the Russian portal and email service KM.RU was the target of an attack which was consequently detailed on Reddit. Allegedly protesting “the foreign policy of Russia in regards to Ukraine”, KM.RU was one of several Russian sites in the breach and impacted almost 1.5M accounts including sensitive personal information….
Three men associated with Anonymous Australia facing jail time. Part 3: “Lorax” avoids jail
In May, 2014, three men associated with Anonymous in Australia were all arrested and charged. DataBreaches.net covered their involvement with Anonymous and the charges against them. The first man, Mathew Hutchison (“Rax”), pleaded guilty to inciting others to attack government sites. He was able to avoid jail time, but had other conditions imposed on him….
MTISC-GOG investigation finds no evidence of breach
There’s a follow-up to a post concerning a possible data breach involving Maritime Trade Information Sharing Centre, Gulf of Guinea (MTISC-GOG). A statement from BIMCO had suggested that there had been a breach that could put ships at greater risk of attacks by pirates. DataBreaches received the following statement from LT(GN) Felix Tsekpetse, Officer in…
CFPB fines start-up Dwolla $100,000 for misrepresenting its data security
It’s not just the FTC looking at your security and your representations to clients about the security of your product. While the FTC recently settled charges against Henry Schein Practice Solutions for advertising a Dentrix product as providing “encryption” when it didn’t, the Consumer Financial Protection Bureau is also taking aim at companies that mislead consumers about security,…
PA: FBI investigates Main Line Health Spear Phishing Incident (UPDATED)
Another day, another successful phishing scheme. In late afternoon on March 1, 2016, Main Line Health learned of a “spear phishing” incident that affected the personal information of all Main Line Health employees. Main Line Health immediately alerted federal authorities, including the IRS and FBI, regarding this incident and is cooperating with their investigation. No…
Eye Institute of Corpus Christi notifies patients of breach
Here’s yet another case where patients’ personal information and protected health information was stolen and used to solicit patients to another practice. The Eye Institute of Corpus Christi, through its external counsel, disclosed that on January 6, they learned that individuals associated with doctors formerly employed by the Eye Institute copied the patient database and provided…