When DataBreaches was a kid, the “new math” they were experimenting with had us learning binary and other systems. It didn’t go over well with us, our teachers, or our parents back then. Now the “new math” for me is UNCs — specifically 6040, 5537, 3944, and 6240. 6040+5537+3944 +6240 = Scattered Spider + ShinyHunters…
Why we shouldn’t just repeat ransomware groups’ claims, Sunday edition
Some data leaks are not what you might expect from their listing on a dark web leak site. Today’s example is courtesy of a ransomware group that listed a medical practice on its leak site and then published the data. Because it was a medical practice, DataBreaches started to inspect the data tranche. To my…
Aftermath: More than 99% of providers opted to have Change Healthcare notify patients of its massive data breach
The Change Healthcare data breach affecting more than 190 million patients, stands as the largest single breach ever affecting patients. Threat actors known as BlackCat (aka AlphV) had reportedly used a set of stolen credentials to remotely access the company’s systems that weren’t protected by multifactor authentication. Confronted with a massive breach, UnitedHealth decided to…
Qilin Ransomware Affiliate Panel Login Credentials Exposed Online
Kaaviya reports: A significant security breach within the Qilin ransomware operation has provided unprecedented insight into the group’s affiliate network structure and operational methods. On July 31, 2025, internal conflicts between the ransomware group and one of its affiliates led to the public exposure of sensitive operational details, marking a rare glimpse into the inner…
HCA Healthcare settled two lawsuits this week; one was over its 2023 data breach
Steve Alder reports: HCA Healthcare Inc. has agreed to settle class action litigation stemming from a July 2023 data breach that was reported to the HHS’ Office for Civil Rights as affecting 11,270,000 patients. The affected individuals had received healthcare services at HCA hospitals and doctors’ offices in 20 U.S. states. HCA Healthcare was targeted by hackers…
Highlands Oncology Group notifies 113,575 people after ransomware attack by Medusa
On August 1, Highlands Oncology Group in Arkansas notified the Maine Attorney General’s Office of a ransomware attack it discovered on June 2, when certain files and systems were inaccessible. Investigation into the incident revealed that there had been unauthorized access at times between January 21, 2025, and June 2, 2025. On June 19, the…