Hamed Aleaziz reports: Immigration and Customs Enforcement accidentally posted the names, birthdates, nationalities and locations of more than 6,000 immigrants who claimed to be fleeing torture and persecution to its website on Monday. The unprecedented data dump could expose the immigrants — all of whom are currently in ICE custody — to retaliation from the…
De: Klinikum Lippe hospital decrypts data after “intensive negotiations” with ransomware attackers
The Klinikum Lippe describes itself as one of the largest municipal hospitals in Germany and part of the University Hospital OWL of the University of Bielefeld. On November 17, they detected a significant cyberattack that impacted all three of their locations: Detmold, Lemgo, and Bad Salzuflen. From its own statements, it appeared that the hospital…
LastPass’s August incident contributed to a new incident
There’s an update to the LastPass security incident they disclosed in August. LastPass had released its findings from that incident in a September update, posted on their site. But now there’s another a new disclosure involving an incident facilitated by the August incident. LastPass’s CEO, Karim Toubba, writes: We recently detected unusual activity within a third-party…
Sandworm gang launches Monster ransomware attacks on Ukraine
Jeff Burt reports: The Russian criminal crew Sandworm is launching another attack against organizations in Ukraine, using a ransomware that analysts at Slovakian software company ESET are calling RansomBoggs. In a Twitter thread, the ESET researchers wrote that they had detected RansomBoggs deployed within the networks of “multiple organizations in Ukraine.” While some aspects of RansomBoggs…
Nurse removed confidential patient files from three nursing homes in Cork and Kerry
Sean McCarthaigh reports: A registered nurse had admitted being guilty of professional misconduct over the unauthorised taking of a large number of confidential patient records and medical files from three nursing homes where she worked in Kerry and Cork. The nurse, Rasa Leliene, appeared before a fitness-to-practise inquiry of the Nursing and Midwifery Board of…
Connexin Software notifies parents of 2.2 million pediatric patients of hack
Connexin Software, a business associate to numerous pediatric practices, recently notified HHS that it experienced a breach that affected 2,216,365 patients. One thing DataBreaches noted with interest in their substitute notice below is their statement that an unauthorized individual was able to access an offline set of patient data used for data conversion and troubleshooting. …