DataBreaches.Net – Page 407 – The Office of Inadequate Security

Data from Vietnam’s state-owned oil and gas group and affiliated firms leaked

Posted on March 14, 2023 by Dissent

Three Vietnamese firms involved in the petroleum industry and infrastructure may first be learning that some of their files are being given away freely on BreachForums. Forum user Kernelware posted a listing early Tuesday, identifying the firms as PetroVietnam, Long Son Petrochemicals, and POSCO Engineering & Construction. Kernelware’s post also notes, “…these are just the…

Lawsuit filed against Lehigh Valley Health Network after ransomware gang leaks sensitive patient data online

Posted on March 13, 2023 by Dissent

The following lawsuit and press release were predictable. Could LVHN have protected sensitive patient information better? If so, is less than perfect security somehow “negligent?” And if they are found to be negligent, how will LVHN be held accountable, and how on earth will patients ever come close to being made whole from a breach…

Ransomware Vulnerability Warning Pilot (RVWP)

Posted on March 13, 2023 by Dissent

The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), which President Biden signed into law in March 2022, required CISA to establish the RVWP (see Section 105 [6 U.S.C. 652]). ALERT CISA Announces Ransomware Vulnerability Warning Pilot Release Date March 13, 2023 Today, CISA is announcing the creation of the Ransomware Vulnerability Warning…

What’s new in ransomware gang pressure tactics? Not as much as you might think.

Posted on March 13, 2023 by Dissent

It’s hard to believe, but it has really been 17 years since PogoWasRight.org began blogging about breaches, and it’s been 14 years since this spinoff site, DataBreaches.net, opened. Since then, DataBreaches has often reported on criminals’ tactics to secure payment from victims, especially those in the healthcare sector. Thousands of archived posts on DataBreaches.net provide…

A joke gone too far: “thekilob” falsely accused of being responsible for DC Links breach

Posted on March 12, 2023September 26, 2024 by Dissent

On March 6, a forum post appeared on BreachForums that listed data for sale from the Health Benefit Exchange Authority, DC.gov The seller, a respected forum user known as IntelBroker, claimed that the data had been hacked within the past hour and contained information on 170,000 users. In less than a day, the data were…

Company accuses former exec of data theft

Posted on March 12, 2023 by Dissent

TNN reports: A company engaged in providing holistic care to children with special needs has accused one of its former executives of stealing confidential data and using the same to start a similar business with a rival firm. In its complaint, the company officials alleged that they hired Pankaj Kumar as deputy general manager (DGM)…