TheWeek reports: An Israeli private investigator, currently awaiting his sentence in the US, used Indian hackers to conduct surveillance operations for ultra-wealthy Russians, according to a Reuters report. Reuters reported last year that Israeli private detective Aviram Azari was accused of hiring the Indian hacking firm BellTroX on behalf of powerful clients. Independent journalist Scott…
GitHub: Nearly 100,000 NPM Users’ credentials stolen in the April OAuth token attack
Pierluigi Paganini reports: GitHub provided additional details about the incident that suffered in April, the attackers were able to steal nearly 100K NPM users’ credentials. In April, GitHub uncovered threat actors using stolen OAuth user tokens to gain access to their repositories and download private data from several organizations. […] The threat actors allegedly obtained the…
IL: Cyberattack costs City of Quincy $650,000
J. Robert Gough reports: Quincy Mayor Mike Troup said the city has spent about $150,000 on outside consultants and $500,000 for an encryption key to regain access to the city’s information services systems. In other words, $500,000 in ransomware. In a news conference Tuesday morning, Troup gave a timeline of events that have taken place…
Data breach class actions: Southern District of New York dismisses action against health care providers for lack of standing
James Bogan III of Kilpatrick Townsend & Stockton LLP writes: Takeaway: In a prior article, we reported on the Second Circuit’s decision in McMorris v. Carlos Lopez & Associates, LLC, 995 F.3d 295 (2d Cir. 2021), in which the court, ruling on an issue of first impression, set out a non-exhaustive three-factor test for determining…
Hacker Steals Database of Hundreds of Verizon Employees
Lorenzo Franceschi-Bicchierai reports: A hacker has obtained a database that includes the full name, email address, corporate ID numbers, and phone number of hundreds of Verizon employees. …. The hacker contacted Motherboard last week to share the information. The anonymous hacker said they obtained the data by convincing a Verizon employee to give them remote…
Ambulance billing service and two health systems report breaches involving protected health information
Comstar LLC Ambulance billing service Comstar LLC in Massachusetts is notifying an as-yet undisclosed number of people following a data security breach of their systems that was detected on March 26, 2022. It is not clear from their notice whether those being notified are all patients who used their service, or if there are also…