One cyberattack is distressing enough. But has The Eye Clinic Surgicenter been attacked by two different groups this year? Silence is not golden if patient data has already been leaked. Last week, Meow Leaks added The Eye Clinic Surgicenter in Montana to their leak site. Meow’s site indicates that is offering 59 GB of files…
Postel S.p.A. and the 2023 Data Breach: The Medusa Attack and Sanctions from the Data Protection Authority
Over on SuspectFile, Marco A. De Felice writes: In August 2023, Postel S.p.A., a leading Italian company in the postal services and digital communications sector, became the victim of a serious cyberattack. The Medusa cybercriminal group exploited unresolved vulnerabilities in the company’s systems, gaining access to a large amount of sensitive data. This breach raised significant…
In legal first, Japan convicts man of abusing AI to generate ransomware
Malay Mail reports: A 25-year-old man has become the first person in Japan to be convicted for criminal activities involving generative AI. According to The Yomiuri Shimbun, the Tokyo District Court found Ryuki Hayashi guilty of creating a computer virus using interactive generative artificial intelligence. He was sentenced to three years in prison, suspended for four…
Italy police arrest four over alleged illegal database access, source says
Reuters reports: Italian police have placed four people under house arrest including Leonardo Maria Del Vecchio, son of the late billionaire founder of Luxottica, as part of a probe into alleged illegal access to state databases, a source said on Saturday. A lawyer for Leonardo Maria Del Vecchio said he was “eagerly awaiting the completion…
Update to Change Healthcare breach
From HHS OCR: “On October 22, 2024, Change Healthcare notified OCR that approximately 100 million individual notices have been sent regarding this breach. ” As DataBreaches mentioned this morning on Infosec.Exchange, is that 100 million an interim update and we should expect another update with even bigger numbers, or is 100 million the total number…
Four members of REvil sentenced by Russian court
The following is a machine translation of a report at the Russian news outlet, Kommersant, concerning the sentencing of four members of the REvil ransomware group: On Friday, October 25, the St. Petersburg Garrison Military Court announced the verdict against Artem Zayets, Aleksey Malozemov, Daniil Puzyrevsky and Ruslan Khansvyarov. The court found them guilty of…