In October, 2021, this site reported that Central Indiana Orthopedics (CIO) had promptly disclosed a data security incident involving Grief threat actors. This week, CIO’s external counsel notified the Maine Attorney General’s Office about the incident, reporting that 83,705 patients were impacted, total. Types of information involved included name, address, Social Security number, and limited…
Belarus conducted widespread phishing campaigns against Ukraine, Poland, Google says
Joseph Menn reports: Belarus conducted widespread phishing attacks against members of the Polish military as well as Ukrainian officials, security researchers said Monday, providing more evidence that its role in Russia’s invasion of Ukraine has gone beyond serving as a staging area for Russian troops. Google’s threat-hunting team released details of the tricks deployed against…
MN: District 518 is investigating whether data was compromised when an employee’s email account was hacked
Kari Lucin reports: A District 518 employee’s email was hacked and an investigation is underway to determine whether any data was compromised. “At this point we don’t anticipate it to be a major data breach or a large issue, but we’re trying to ensure we do our due diligence on checking,” said Superintendent John Landgaard,…
Zywave seeks approval of $11 million data breach lawsuit settlement
It’s one thing to update a breach report with a notice of lawsuit settlement, but it’s another to realize you never covered the original breach at all. Let’s remedy that now. On February 27, 2021, Zywave and its subsidiary, Insurance Technologies Corp (ITC) suffered a data breach. From a press release by plaintiff’s counsel: Cybercriminals…
Herff Jones settles data breach law suit for $4.35 million
There’s an update to the Herff Jones data breach previously noted on this site. According to TopClassActions: Herff Jones will pay $4.35 million to resolve claims it failed to protect its customers during a 2021 data breach. The settlement benefits individuals whose payment card information was exposed during the Herff Jones data breach. Included consumers…
“Alexa, hack yourself” – researchers describe new exploit that turns smart speakers against themselves
Graham Cluley reports: Researchers have discovered a novel way of exploiting Amazon Echo smart speakers to perform commands. They get the Amazon Echo speaker to say the commands to itself. In a technical paper, researchers from London’s Royal Holloway University in London and the University of Catania in Italy describe their findings, which exploits how an…