Statement from Orange Belgium S.A. on August 20 2025: At the end of July, Orange Belgium detected a cyberattack on one of its IT systems, resulting in unauthorised access to certain data from 850,000 customer accounts. No critical data was compromised: no passwords, email addresses, bank or financial details were hacked. However, the hacker gained…
Two agencies in one state investigated and fined Healthplex. Was that one too many?
DataBreaches is generally a great fan of state attorneys general taking enforcement action stemming from data breaches where the security was really subpar or the entity did not notify those affected in a reasonable amount of time. But two enforcement actions in New York have me wondering if the state has been a bit unfair…
When a deal is not a done deal: Nova demands higher payment from Clinical Diagnostics (1)
Last week, it appeared that Clinical Diagnostics (“Eurofins”) had paid a gang’s demands not to leak patient data that Nova had exfiltrated during a ransomware attack in July. Clinical Diagnostics in the Netheralands held patient data on 485,000 Dutch women in a cervical cancer screening program. Nova confirmed the payment to a Dutch news outlet….
HHS OCR Settles HIPAA Ransomware Security Rule Investigation with BST & Co. CPAs, LLP
In February 2020, DataBreaches reported that patients of Community Care Physicians in New York may have had their protected health information, date of birth, and insurance coverage exposed as a result of a ransomware attack by Maze Team at the Albany-based accounting firm BST & Co. CPAs. The incident was reported at the time to…
Microsoft’s Nuance coughs up $8.5M to rid itself of MOVEit breach suit
Carly Page reports: Microsoft-owned talk-to-text outfit Nuance has agreed to cough up $8.5 million to settle a class action lawsuit over the sprawling MOVEit Transfer mega-breach – although it admits no liability. The proposed deal [PDF], filed in a Massachusetts federal court last week, would draw a line under litigation brought by individuals who claimed that the company failed…
18 Arrested as Gurugram Call Centre Data Leak Fuels Massive SBI Credit Card Scam
The420.in reports: The Delhi Police have arrested 18 individuals for duping State Bank of India (SBI) credit card holders of nearly ₹2.6 crore [USD $296,630.45] in a nationwide fraud. The operation, which ran for six months, relied on insider leaks at a Gurugram-based call centre and a sophisticated money-laundering network that spanned cash deals and…