Marco A. De Felice reports: 27,367 people, including patients and healthcare / administrative staff, were affected by the theft of sensitive data after the ransomware-type cyber attack last May 5 at the San Diego American Indian Health Center (“SDAIHC”) in the state of California. Recall that, among the people involved in the theft of their sensitive data, there…
New ‘Donut Leaks’ extortion gang linked to recent ransomware attacks
Lawrence Abrams reports: A new data extortion group named ‘Donut Leaks’ is linked to recent cyberattacks, including those on Greek natural gas company DESFA, UK architectural firm Sheppard Robson, and multinational construction company Sando. […] Strangely, the data for these victims have now appeared on the data leak site for a previously unknown extortion gang…
ParkMobile Can’t Escape Data Breach Class Action
Kathryn M. Rattigan of Robinson + Cole has an update on litigation stemming from a breach disclosed in April 2021: The class action lawsuit will continue against ParkMobile LLC for a data breach that affected 21 million users of the parking app (Baker v. ParkMobile LLC).The ParkMobile app allows users to pay for parking without…
Ex-MLB pitcher and Ohio mayor Chuck Smith sentenced to 33 months in dark web credit card fraud
From major league pitcher to suburban mayor to Amazon driver to…. prison. Wow. Lukas Alpert reports: A former major league pitcher who later served two terms as the mayor of a Cleveland suburb, has been sentenced to 33 months in prison for using stolen credit card info to buy gas. Charles E. Smith, Jr., 52,…
HC3: Analyst Note: Karakurt Threat Profile
HC3: Analyst Note TLP: White Report: 202208241200 Executive Summary Karakurt ransomware group, also known as the Karakurt Team and Karakurt Lair, is a relatively new cybercrime group, with researchers reporting its first emergence in late 2021. Karakurt actors claim to steal data and then threaten to auction it off or release it to the public…
Et tu, Last Pass?
Received today: Dear valued customer, We are writing to inform you that we recently detected some unusual activity within portions of the LastPass development environment. We have determined that an unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and some…