Ax Sharma reports: Adafruit has disclosed a data leak that occurred due to a publicly-viewable GitHub repository. The company suspects this could have allowed “unauthorized access” to information about certain users on or before 2019. Based in New York City, Adafruit is a producer of open-source hardware components since 2005. The company designs, manufactures, and sells electronics…
Malware now using stolen NVIDIA code signing certificates
Lawrence Abrams reports: Threat actors are using stolen NVIDIA code signing certificates to sign malware to appear trustworthy and allow malicious drivers to be loaded in Windows. […] After Lapsus$ leaked NVIDIA’s code-signing certificates, security researchers quickly found that the certificates were being used to sign malware and other tools used by threat actors. According to samples…
Duncan Regional Hospital notifies more than 92,000 patients of data security incident
Charlene Belew reports: Officials with DRH Health, the leading healthcare provider in Stephens County, confirmed Friday, March 4 a data incident dating back to January of this year may have impacted protected health information for some patients. On Jan. 20, DRH reported an incident affected on of their servers, although an investigation launched immediately and…
Hackers leak 190GB of alleged Samsung data, source code
Ionut Ilascu reports: The Lapsus$ data extortion group leaked today a huge collection of confidential data they claim to be from Samsung Electronics, the South Korean giant consumer electronics company. The leak comes less than a week after Lapsus$ released a 20GB document archive from 1TB of data stolen from Nvidia GPU designer. In a note posted…
PA: Fleetwood Area School District hit by ransomware
WFMZ reports: Officials at a school in Berks County said their computer systems were attacked by ransomware. Fleetwood Area School District Superintendent Greg Miller sent a letter to families and staff Friday afternoon informing them that technical difficulties experienced on Wednesday morning were the result of a ransomware attack. Read more at WFMZ.
Crossroads Health of Lake County discloses breach affecting former Beacon Health patients
It’s not a huge breach in terms of numbers compared to other breaches we’ve seen, but an incident reported by Crossroads Health in Ohio caught my eye because once again, it was old (legacy) data that was accessed and exfiltrated. In an undated statement on their website, Crossroads explains that an unauthorized party gained access…