For your “No need to hack if it’s leaking” files, C. J. Getting reports: Confidential student information was unintentionally leaked in Naperville Central’s School Improvement Plan, which was released publicly on Friday, Sept. 20. It was removed on Tuesday, Sept. 24 around 3:35 p.m. when Central Times staff brought the breach to the attention of…
HHS Office for Civil Rights Settles Ransomware Cybersecurity Investigation for $250,000
The following is a press release from HHS OCR concerning a settlement stemming from a March 2017 ransomware attack experienced by Cascade Eye & Skin Centers in Washington. DataBreaches was not previously aware of this incident and can find no news coverage of it at the time nor any entry on HHS’s public breach tool…
Two Russian Nationals Charged in Connection with Operating Billion Dollar Money Laundering Services
A press release from the U.S. Department of Justice: The Justice Department today announced actions coordinated with the Department of State, Department of the Treasury, and other federal and international law enforcement partners to combat Russian money laundering operations. The actions involved the unsealing of an indictment charging a Russian national with his involvement in…
Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates
Ravie LakshmananRavie Lakshmanan Cybersecurity researchers have disclosed a set of now patched vulnerabilities in Kia vehicles that, if successfully exploited, could have allowed remote control over key functions simply by using only a license plate. “These attacks could be executed remotely on any hardware-equipped vehicle in about 30 seconds, regardless of whether it had an…
Websites exposing Aadhaar and PAN details blocked by India’s MeitY
Mint reports: The Government of India has blocked several websites that were found to be exposing sensitive personal information, including Aadhaar and PAN card details of Indian citizens. This action was taken by the Ministry of Electronics and Information Technology (MeitY). The Unique Identification Authority of India (UIDAI) has also filed an official complaint with…
AU: I-MED data breach exposes tens of thousands of patient files using details shared online for a year (1)
Cam Wilson reports: Tens of thousands of patients from Australia’s biggest medical imaging provider I-MED have had swaths of sensitive health and personal information exposed in a data breach using details that have been public for a year. This sounds like another case where a threat actor found credentials online. Crikey reports: In this case,…