Here’s a statistic I haven’t seen before. Rachel DePompa reports: According to a new study by the Identity Theft Resource Center, Americans know about credit freezes but rarely use them. The research was published by the nonprofit DIG.Works. It found only 3% of surveyed consumers actually froze their credit after receiving a data breach notice….
NY: Nassau notifies 209 workers their confidential personal data may have been breached by employees
Scott Eidler reports: Nassau officials have notified more than 200 current and former employees in the Assessment Department their confidential personal data may have been breached after some co-workers last year gained unauthorized access to human resources information about department workers. In a letter Thursday to Nassau County Executive Bruce Blakeman and county legislators, Technology…
2021 Saw Sharp Increase in Ransomware Data Leaks and Ransom Demands
HIPAA Journal has a piece highlighting some findings from Crowdstrike’s 2021 report. It begins: CrowdStrike has released its annual threat report which shows there was a major increase in data leaks following ransomware attacks in 2021, rising 82% from 2020. CrowdStrike observed 2,686 ransomware attacks in 2021 compared to 1,474 in 2020. There were more…
This site’s new “No help for you” policy
From the “Yes-I’m-grumpy-but-you-earned-it Department:” Over the years, mainstream journalists have reached out to me for information related to breach stories they were developing, and I generally tried to help them. In some cases, that might involve a few phone calls. In other cases, it might be an hour or more of my time on the…
QRS Data Breach Exposed Psych Care Consultants Patient Information – Class Action Allegations
DataBreaches.net does not report on most potential class action lawsuits because many of them will not survive motions to dismiss. This case, however, is a bit more interesting to me because it involves sensitive mental health data, ransomware, leaked data, and claims about inadequate monitoring of a business associate. The case is K.L. v. Psych…
Elephant Beetle: Stealthy Hacker Group Stole Millions Undetected
Damir Mujezinovic reports: Israeli cybersecurity firm Sygnia released a report in January 2022 revealing that a hacker group dubbed Elephant Beetle siphoned off millions from businesses in the financial sector in Latin America. […] To carry out its Java-based attacks, Elephant Beetle uses a wide arsenal of more than 80 unique tools and scripts, the researchers wrote…