An unsecured backup blob exposed pre-employment background checks on approximately 200,000 people. Applicant files contained various amounts of personal and occupational information, including SSN, name, address, driver’s license, date of birth, education and employment history, and in some cases, criminal background checks. Files went back 15 years. The blob was unsecured for at least six…
Russian Citizen Sentenced to 40 Months for Selling Stolen Financial Information on the Criminal Internet Marketplace Slilpp
WASHINGTON – Georgy Kavzharadze, 27, of Moscow, Russia, was sentenced today to 40 months in prison for being a prolific vendor of stolen financial information, login credentials, and other personally identifying information (PII) on a criminal internet marketplace called Slilpp, announced U.S. Attorney Matthew M. Graves and FBI Special Agent in Charge David…
From the “I Wouldn’t Hold My Breath Department”
We understand why courts issue such injunctions and rulings, but still… PA News Agency reports: Hackers responsible for a cyber attack that led to more than 10,000 NHS appointments being cancelled have been ordered by a High Court judge to “unmask” themselves and return or delete stolen data. Pathology services provider Synnovis was targeted by…
Three State Attorneys General Secure $4.5 Million from Enzo Biotech for Failing to Protect Health Data of 2.4 Million Patients
NEW YORK – New York Attorney General Letitia James and the attorneys general of Connecticut and New Jersey today secured $4.5 million from Enzo Biochem, Inc. (Enzo) for failing to adequately safeguard the personal and private health information of its patients. Enzo is a biotechnology company that offers patients diagnostic testing at its laboratories in New York,…
U.S. Army Intelligence Analyst Pleads Guilty to Charges of Conspiracy to Obtain and Disclose National Defense Information, Export Control Violations and Bribery
Today’s reminder of the insider threat is yesterday’s press release from the Department of Justice: Korbein Schultz, a U.S. Army soldier and intelligence analyst, pleaded guilty today to all charges against him in the indictment returned by a federal grand jury in March 2024 charging him with conspiracy to obtain and disclose national defense information,…
Update: Gramercy Surgery Center attackers leaked patient data going back 20 years (1)
On June 18, Gramercy Surgery Center in New York discovered it might have been the victim of a cyberattack attack. It had been, and DataBreaches recently reported that the threat actor(s) known as Everest Team leaked more than 460 GB of files they claimed to have exfiltrated. Neither Gramercy Surgery Center (GSM) nor Everest responded…