Exposed database backups discovered and reported by researcher @JayelTee are now being reported in more mainstream news after OrthoMinds issued a press about the incident. Marianne Kolbasuk McGee reports: A vendor of cloud-based orthodontic practice software is notifying an undisclosed number of patients that their data was exposed to the internet for 10 days last…
Watsonville Community Hospital still hasn’t notified all those affected by a November data breach; employees are reporting tax refund fraud
Felix Cortez reports: Just months after Watsonville Community Hospital was hit by a cyber-attack, roughly 20 employees at the hospital now say they’re the victims of identity theft. “We heard from a few of our employees that they reported there were fraudulent tax filings in their name, so someone else had tried to file a…
Hacktivists claim cyber-sabotage of 116 Iranian ships
Risky Biz Newsletter reports: An anti-regime hacktivist group has claimed credit over a cyberattack that crippled the on-ship communication systems of 116 Iranian ships. The ships are operated by the National Iranian Tanker Company (50) and the Islamic Republic of Iran Shipping Company (66). […] A group named LabDookhtegan took credit for the sabotage. The attack allegedly…
Ninth Circuit Reverses Probation Sentence for Paige Thompson
Conor Brian Fitzpatrick (aka “Pompompurin” of Breached.vc) isn’t the only person to have their sentence vacated and remanded for re-sentencing this year. Paige Thompson, who was responsible for the massive Capital One hack in 2019, will also be re-sentenced. Eugene Volokh writes: A short excerpt from the 9,000-word U.S. v. Thompson, decided yesterday by Ninth Circuit Judge…
Former University of Michigan Football Quarterbacks Coach and Co-Offensive Coordinator Indicted on Charges of Unauthorized Access to Computers and Aggravated Identity Theft
DETROIT – Former University of Michigan Co-Offensive Coordinator Matthew Weiss—age 42, of Ann Arbor—was charged today in a 24-count indictment alleging 14 counts of unauthorized access to computers and 10 counts of aggravated identity theft, Acting United States Attorney Julie A. Beck announced. Beck was joined in the announcement by Cheyvoryea Gibson, Special Agent in Charge,…
Security Researcher Comments on HIPAA Security Rule
As long-time readers know, DataBreaches has occasionally run into difficulties when trying to helpfully notify entities of their data leaks or breaches. In other cases, independent researchers have also reported frustration with trying to get entities to respond to responsible disclosures. More often than not, initial attempts at disclosure are ignored or go to spam…