The following is a press release issued yesterday by the U.S. Attorney’s Office, District of New Jersey: Two foreign nationals pleaded guilty today in Newark federal court to participating in the LockBit ransomware group – at various times the most prolific ransomware variant in the world – and to deploying LockBit attacks against victims in…
Judge Guts SEC Case Against SolarWinds Over Cyber Practices
Cassandre Coyer reports: A US federal judge dismissed much of the Securities and Exchange Commission’s lawsuit against SolarWinds Corp. that alleged the software provider misled investors about its cybersecurity practices and the significance of a major data breach that spilled into the US government. Thursday’s ruling was seen as a blow to the SEC’s aggressive efforts to regulate…
Cyberattack on prescription service MediSecure affects 13 million Australians
Angus Dalton reports: Almost 13 million Australians had personal and health-related data stolen in the MediSecure cyberattack earlier this year, making the mass hack one of the largest ever. The Melbourne-based online prescription service company announced it was the victim of a ransomware data breach in May. A week later, a hacker claiming to possess…
Pueblo County D70 data breach may have compromised information of former students, staff
James Bartolo reports: Pueblo County School District 70 is addressing a data breach and ransomware attack that may have compromised the personal information of former students, as well as current and former staff. The data breach is believed to have impacted a number of student records saved between 1991 and 2006. Past and present staff…
No need to hack when it’s leaking, Wednesday edition: Nearly 150,000 Records Were Exposed Online by On-Site Medical Service Provider
Website Planet reports that Jeremiah Fowler discovered a non-password-protected database that contained 148,000 records belonging to InHouse Physicians — a healthcare provider that offers on-site medical services and wellness programs to organizations, including corporate health and wellness solutions, event medical services, and occupational health programs. The non-password-protected database contained 148,415 PDF documents totalling 12 GB. Each document…
Shame on Interserver.net for not responding to notification of exposed sensitive and stolen data
Shame on Interserver.net. On July 10, DataBreaches notified hostdepartment.com by email that an IP address was exposing hundreds of data leaks/dumps that had been caught up in hacking or ransomware incidents. When they didn’t respond, I called them the next day. They asked me to resubmit the abuse alert to interserver.net. I promptly did that…