Arijit Sarkar reports: New Jersey-based crypto financial institution BlockFi confirmed a data breach incident via one of its third-party vendors, Hubspot. BlockFi’s proactive warning about the breach aims to deter the intentions of bad actors in repurposing the user data for fraudulent activities. According to the announcement, the hackers gained access to BlockFi’s client data on…
Leaked ransomware documents show Conti helping Putin from the shadows
Matt Burgess of Wired.com reports: For years, Russia’s cybercrime groups have acted with relative impunity. The Kremlin and local law enforcement have largely turned a blind eye to disruptive ransomware attacks as long as they didn’t target Russian companies. Despite direct pressure on Vladimir Putin to tackle ransomware groups, they’re still intimately tied to Russia’s interests. A recent leak from…
Polish SA: record fine of almost $1.2 million imposed on Fortum Marketing and Sales Polska S.A. for personal data breach
Seen at the European Data Protection Board, a decision from the Polish S.A.: Background information Date of final decision: 19 January 2022 Cross-border case or national case: National Case. Controller: Fortum Marketing and Sales Polska S.A. Legal Reference: Integrity and confidentiality (Art. 5(1)(f)), Responsibility of the controller (Art. 24(1)), Data protection by design and by…
Exotic Lily is a business-like access broker for ransomware gangs
Jeff Burt reports: A group with links to high-profile ransomware crews Conti and Diavol is working as an internet access broker (IAB) for a Russia-linked cybercriminal gang, according to Google’s Threat Analysis Group (TAG). Exotic Lily gains access to vulnerable corporate networks then sells that access to the highest bidder among threat groups, which then…
Ca: Conviction for Illegal Disclosure of Health Information
From the Office of the Information & Privacy Commissioner of Alberta, a new decision: A former Covenant Health employee pleaded guilty to knowingly disclosing health information in contravention of HIA. Samantha Barker was fined $1,500 for the offence under HIA. She also admitted to accessing health information of several people without a valid employment purpose….
New Orleans Woman Sentenced to 15 Months in Federal Prison for Bank Larceny of Over $200,000 Using Patient Information Stolen from Metairie Medical Clinic
There’s an update to a case that involved theft of patient data from an unnamed Metairie clinic to support a fraud scheme. The trio was arrested back in 2015 but have first been sentenced. From the Department of Justice, this press release yesterday: NEW ORLEANS, LOUISIANA – U.S. Attorney Duane A. Evans announced that ASHLEY…