On June 23, DataBreaches published the first of a series of interviews with Pepijn Van der Stap, aka “Umbreon.” Van der Stap, 21, was arrested in January and remains in detention, awaiting trial on charges that include hacking, data exfiltration, extortion, sale of stolen data, and money laundering. At the end of the first article,…
More plastic surgery patients have their nude photos and information leaked
An unknown party or parties who created a leak site with nude photos and medical records of a well-known plastic surgeon’s patients have uploaded more of his patients’ photos and records. In what was their third update to the leak site since June 5, those responsible wrote that they have changed their strategy. Before publishing…
Pointed to a phishing campaign targeting the healthcare sector, Microsoft leaps into action to … not even investigate?!
The relaxing Sunday I was looking forward to did not quite work out as planned. Dutch researcher and all-around good-guy Jelle Ursem (aka @SchizoDuckie) got in touch with me about what appeared to him to be a sketchy site allegedly by a well-known prescription management entity. After a few minutes of checking, there was no…
Norwegian ministries hit by cyberattack
The Norwegian Government Security and Service Organisation (DSS) has detected a cyber-attack on the ICT platform used by 12 ministries. The matter is currently being investigated by the police. “We are taking this incident very seriously. The Norwegian Government Security and Service Organisation (DSS) is cooperating closely with the National Security Authority (NSM) and the…
Teachers Insurance and Annuity Association of America notifying 2,630,717 after PBI alerts them to MOVEit breach
As those trying to monitor and analyze the massive MOVEit breach are already aware, the Teachers Insurance and Annuity Association of America (“TIAA”) provided university faculty retirement benefits to a number of colleges and universities. The TIAA part of the breach was not a direct attack on the vendor’s systems. TIAA was notified by its vendor,…
Buckingham County Public Schools notifies 86 students after a business email account was compromised
Buckingham County Public Schools in Virginia has sent notifications to parents of 86 students after a compromise of a district’s business email account. The incident occurred on June 20. Information in the email account included the student’s name “coupled with a limited amount of health or medical diagnostic and treatment information, and/or address. Examples typical…