Brian Krebs reports: Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But new information confirms this pledge was always a lie, and that Conti has launched more than 200 attacks against hospitals and other…
TX: Dayton Independent School District reports breach
No significant details on this one yet, but Dayton Independent School District in Texas notified the Texas Attorney General’s Office that 841 Texans were notified by mail on April 14 of a data breach that involved names and Social Security Numbers. DataBreaches.net has emailed the district to ask for details and will update this post…
GitHub: Attacker breached dozens of orgs using stolen OAuth tokens
Sergiu Gatlan reports: GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories. Since this campaign was first spotted on April 12, 2022, the threat actor has already accessed and stolen data from dozens of victim organizations using Heroku and Travis-CI-maintained OAuth apps, including…
Blue Earth County releases report on insider data breach that began in 2020
It seems like only yesterday that we were pointing to an insider-wrongdoing breach that involved people’s medical information. Oh right, it was. And here’s yet another one. Aaron Stuve reports: Blue Earth County has released information regarding a data breach from last year. The report said that an employee of the Human Services Department accessed…
DHS investigators say they foiled cyberattack on undersea internet cable in Hawaii
Meanwhile, last week, AJ Vicens reported: Federal agents in Honolulu last week “disrupted” an apparent cyberattack on an unnamed telecommunication company’s servers associated with an underwater cable responsible for internet, cable service and cell connections in Hawaii and the region, the agency said in a statement Tuesday. Hawaii-based agents with Homeland Security Investigations, an arm…
Law firm says Deaconess doc viewed women’s personal, medical data without cause
John T. Martin reports on a disturbing case of insider-wrongdoing: A law firm says it has spoken with at least six women who received an apology letter in recent months from Deaconess Health System stating a physician accessed their medical records without purpose. The firm, Ladendorf Law of Indianapolis, may pursue claims on behalf of those women,…