Back in July, DataBreaches reported on an Avamere Health Services breach. Avamere has now updated their breach notification. Their newer notice is being provided on behalf of the following entities to whom Avamere is a Business Associate as defined under the Health Insurance Portability and Accountability Act (“HIPAA”): A-One Home Health Services, LLC Avamere at…
Mass Email Extortion Campaign Claims Server Hack; Tries to Extort Troy Hunt
Phil Muncaster reports: Security experts have revealed a new extortion campaign threatening to leak sensitive corporate data unless a Bitcoin payment is made. Microsoft regional director and HaveIBeenPwned founder, Troy Hunt, revealed the unsolicited email in a social media post. It claimed that the fraudsters had hacked his site by exploiting some unnamed vulnerabilities and…
Hong Kong regulator issues investigative report on 2021 Fotomax ransomware incident
The Office of the Privacy Commissioner for Personal Data (PCPD) in Hong Kong published an investigation report today concerning a ransomware attack on the database of Fotomax (F.E.) Limited. From the news release: The investigation arose from a data breach notification lodged by Fotomax with the PCPD on 1 November 2021, which reported that the…
Booz Allen Hamilton Holding Corporation notifies employees of insider breach
Booz Allen Hamilton Holding Corporation has disclosed an insider breach involving the sensitive, personally identifiable information (PII) of active employees as of March 29, 2021. According to their notification, a copy of which was submitted to the Montana Attorney General’s Office, Booz Allen recently learned that while employed by Booz Allen, a former employee obtained…
UK: Hacked evidence and stolen data swamp English courts
Franz Wild, Ed Siddons, Simon Lock, Jonathan Calvert, and George Arbuthnott report: A multimillion-pound high court case between an authoritarian Gulf emirate and an Iranian-American businessman has revealed how hacked evidence is being used by leading law firms to advance their clients’ claims. It includes allegations that a former Metropolitan Police officer hired Indian hackers…
Hu: EdTech firm eKRÉTA that stores personal info of students breached by hacking group
As seen on Catalin Cimpanu’s RiskyBiz News: Major breach in Hungary: A hacking group named Sawarim has breached eKRÉTA, the company behind a school management platform widely deployed across Hungary. The platform is believed to store the personal details of more than 720,000 Hungarian students, aged between 6 and 18 years. While the hackers told a local…