Update: As more details emerge, this story gets even bigger in some respects. See this news coverage at: https://www.gizchina.com/2023/05/13/toyota-mishandled-user-data-by-publishing-over-2-million-user-info-online/ Daniel Leussink and Kantaro Komiya report: Toyota Motor Corp said on Friday the vehicle data of about 2.15 million users was left publicly available in Japan for about a decade from November 2013 to mid-April. […]…
NY: Richmond University Medical Center suffers ransomware attack; unclear if patient info compromised
Joseph Ostapiuk reports: Richmond University Medical Center (RUMC) in West Brighton experienced a recent ransomware attack that has triggered an ongoing network outage at the hospital, an official said. The extent of the breach, which has crippled online services at the over-470 bed facility, is not currently clear. The hospital is now working to both…
Employee records exposed in Ambulance Victoria data breach
Anthony Anderson reports: Confidential employee information has been exposed in a data breach at Ambulance Victoria (AV). The data in question is the drug and alcohol tests of prospective graduate paramedics collected between May 2017 and October 2018. The documents had become accessible on Ambulance Victoria’s internal intranet. Read more at Herald Sun.
Some Cornwall Community Hospital services still impacted by cyber incident
The Kingston Whig Standard reports: It’s been a month since a cyber incident brought down the Cornwall Community Hospital’s computer systems. In response to a requested update, CCH posted one Thursday on its website and social-media channels, indicating many of its services are now back to expected activity volumes and it’s resumed its standard approach…
A harbinger of bad things to come?
Seen on the AlphV/BlackCat leak site today: ResultsCX | The result of many unknown breaches? 5/11/2023, 9:03:10 PM We have numerous accounts to share about how our organization was able to gain initial access to various fortune 100 companies using the ResultsCX network and credentials. Interestingly, these companies are completely unaware that we have accessed…
#StopRansomware: Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG
Jen Easterly, Director of CISA, tweeted: In early May 2023, a group self-identifying as the Bl00dy Ransomware Gang was observed attempting to exploit vulnerable PaperCut servers at educational institutions. Read our joint advisory with @FBI and apply patches or workarounds today: http://go.dhs.gov/4sz The advisory is embedded below: