Brandon Harder provides this morning’s reminder of the insider threat: Without legal authority, a nurse who worked at Saskatoon’s Jim Pattison Children’s Hospital snooped on the private medical records of 314 patients, according to a recent report. The report, dated April 23 and signed by Saskatchewan Information and Privacy Commissioner Ronald J. Kruzeniski, states that…
Dating app Raw exposed users’ location data and personal information
Zack Whittaker reports: A security lapse at dating app Raw publicly exposed the personal data and private location data of its users, TechCrunch has found. The exposed data included users’ display names, dates of birth, dating and sexual preferences associated with the Raw app, as well as users’ location. Some of the location data included…
Hacker hired Telangana man to courier threats to Star Health Insurance MD
Siddharth Prabhakar reports: CHENNAI: The case of breach of data of 3.1 crore customers of the Chennai-headquartered Star Health Insurance has taken a fresh turn with its MD Anand Roy, his wife Akhila Shetty Roy and CFO Nilesh Kambli allegedly getting threat messages delivered via courier from Hyderabad. A probe by the TN cyber crime…
Acadian Ambulance Seeks Dismissal of Data Breach Lawsuit
Stephen Marcantel reports that Acadian Ambulance is seeking dismissal of a class-action lawsuit stemming from a ransomware attack in 2024 by Daixin Team. Acadian is claiming there is no proof that any patient has experienced any actual harm from the breach. The lawsuit, which was consolidated from 10 other class actions, claims that the July…
US indicts Black Kingdom ransomware admin for Microsoft Exchange attacks
Bill Toulas reports: A 36-year-old Yemeni national, who is believed to be the developer and primary operator of ‘Black Kingdom’ ransomware, has been indicted by the United States for conducting 1,500 attacks on Microsoft Exchange servers. The suspect, Rami Khaled Ahmed, is accused of deploying the Black Kingdom malware on roughly 1,500 computers in the United…
“SCAM” is a four-letter word: BreachForums edition (1)
When BreachForums[.]st went offline on April 15, the rumor mills sprang into action. Claims that the forum had been seized (again), or that the owner, ShinyHunters, or Anastasia had been arrested were tossed around, with the only evidence to support any of the claims being redirects of Telegram accounts to FBI Telegram accounts. So of…