Ryan Knappenberger reports: The U.S. Department of the Treasury said on Monday that Chinese-backed hackers had breached its workstations and gained access to unclassified documents earlier this month in what it described as a “major cybersecurity incident.” The announcement comes just over a month after the Senate Intelligence Committee revealed recent Chinese hacks into the…
Threat actors’ leak site unreachable due to DoS attack; DataBreaches given exclusive preview of leak Marc Fortier reports: The hackers behind a major cyberattack that hit the State of Rhode Island’s online system for delivering health and human service benefits have released some residents’ files to a site on the dark web, state officials announced Monday. “Unfortunately,…
Kathleen de Villa reports: The Commission on Audit (COA) has called out the National Privacy Commission (NPC) for its “inadequate” information dissemination efforts, as shown by the dismal number of data privacy officers and systems in both the government and the private sector. Despite being compulsory under the law, only 7.7 percent, or 164 of…
Chris Riotta reports: The U.S. Department of Health and Human Services is ramping up digital efforts to protect Americans in a year that’s witnessed hackers targeting sensitive patient data and major breaches at Ascension and UnitedHealth. HHS is set to unveil a notice of proposed rulemaking requiring healthcare companies to encrypt data, conduct routine compliance…
Thanos Pappas reports: Many people worry about hackers stealing their personal data, but sometimes, the worst breaches come not from shadowy cybercriminals but straight from the companies we trust. According to a new report from Germany, the VW Group stored sensitive information for 800,000 electric vehicles from various brands on a poorly secured Amazon cloud—essentially leaving…
There are always a ton of articles at the end of every year recapping what went wrong. Over on TechCrunch, Zack Whittaker and Carly Page have their annual list of breaches handled poorly. This year’s list includes 23andMe, Change Healthcare, Synnovis, Snowflake, Columbus Ohio, Salt Typhoon, Moneygram, and HotTopic. DataBreaches generally agrees with their recap,…