On September 13, DataBreaches.net added an entry to the monthly worksheet this site maintains for annual data analyses. The entry was for “One Community Health” in Oregon, but it was not the covered entity that announced the breach. DataBreaches.net learned about the breach from Pysa threat actors who had added the covered entity to their…
Panasonic discloses four-months-long data breach
Catalin Cimpanu reports: Japanese electronics giant Panasonic has disclosed on Friday a major security breach after an unidentified threat actor had gained access to its internal network. The Osaka-based company said it detected the security breach earlier this month, on November 11. “As the result of an internal investigation, it was determined that some data…
Daily Mail claims to have located REvil threat actor wanted by FBI for ‘using ransomware to fleece millions of dollars’ from Americans
The Daily Mail is not a news outlet that I would normally turn to for breaking news about tracking down a Russian cybercriminal, but that is what they claim to have done. Will Stewart reports: One of the FBI’s most wanted men linked to ransomware gang REvil is living freely in a Siberian city with…
Huge fines and a ban on default passwords in new UK law
Jane Wakefield reports: The government has introduced new legislation to protect smart devices in people’s homes from being hacked. Recent research from consumer watchdog Which? suggested homes filled with smart devices could be exposed to more than 12,000 attacks in a single week. Default passwords for internet-connected devices will be banned, and firms which do…
Alberta Health says privacy breach possible on province’s vaccine passport website
CBC reports: The province’s vaccine record website experienced a possible privacy breach, Alberta Health said in a statement Thursday. Alberta Health says it has received reports of at least 12 users who downloaded the wrong information from the province’s COVID-19 vaccination record website on Wednesday. The record those users downloaded contained the name, date of birth and vaccine…
Swire Pacific Offshore reports cyberattack
Seen on Hellenic Shipping News: Swire Pacific Offshore (SPO) has discovered that it was the target of a cyberattack which involved unauthorised access to its IT systems. The unauthorised access has resulted in the loss of some confidential proprietary commercial information and has resulted in the loss of some personal data. The cyberattack has not…