The Office of Inadequate Security
The following statement by the Information Commissioner’s Office concerns a devastating 2022 ransomware attack by LockBit3.0 on Advanced Computer Software Group (“Advanced”), an IT vendor for the UK’s National Health Service (NHS). Here is the ICO’s statement about Advanced: We have provisionally decided to fine Advanced Computer Software Group Ltd (Advanced) £6.09m, following an initial…
Singapore authorities make record recovery thanks to cooperation with Timor Leste through INTERPOL LYON, France: A global stop-payment mechanism developed by INTERPOL has helped Singapore authorities make their largest ever recovery of funds defrauded in a business email compromise scam. On 23 July 2024, a commodity firm based in Singapore filed a police report stating…
Although DataBreaches does not report on all incidents involving U.S. healthcare entities, a log is kept to calculate statistics for the annual Breach Barometer report produced by Protenus, Inc. For the month of July, DataBreaches noted the following six U.S. hospitals disclosed breaches or were claimed as victims by threat actors. Some of these incidents…
Dakota Morrissiey reports: A reported cyberattack disrupted 9-1-1 service at dispatch centers in the Highland Lakes and across Central Texas for over five hours on Sunday, Aug. 4. Emergency calls were rerouted during the incident and full service restored by Sunday evening. Marble Falls, Burnet County, and Llano County dispatch centers were among those impacted…
Risky Biz News reports: German and US authorities have seized a crypto-wallet service named Cryptonator on charges of money laundering and operating an unlicensed money service business. The service allowed individuals to set up crypto-wallet funds that could receive and send funds from and to any type of blockchain service, effectively operating as a “personal…
Cassandre Coyer reports: Jerico Pictures Inc., a background-check company doing business as National Public Data, exposed the personal information of nearly 3 billion individuals in an April data breach, a proposed class action says. On April 8, a cybercriminal group by the name of USDoD posted a database entitled “National Public Data” on a dark…