On August 5, 2024, McLaren Healthcare became aware of suspicious activity affecting McLaren Health Care and Karmanos Cancer Institute computer systems. In an early statement about the incident, McLaren indicated that the attack affected IT systems across its 13 hospitals, cancer treatment centers, surgery centers, and clinics. In an August 12 update, McLaren reported that…
A state forensics lab was leaking its files. Getting it locked down involved a number of people.
Remember the old meme about how many <whatever your profession was> does it take to change a lightbulb? This week felt like, “How many people does it take to get very sensitive data locked down?” But there was nothing funny about it. Spoiler alert: the answer for this week was: 2 researchers, 1 journalist, 1…
CoinMarketCap Hacked, Scrambles to Remove Malicious Wallet Verification Popup
Amin Ayan reports: CoinMarketCap was hacked on Friday after a malicious popup appeared on its website, urging users to “verify” their wallets. The phishing-style notification asked users to connect their wallets and approve ERC-20 token access, raising immediate red flags across the crypto community. Wallet providers like MetaMask and Phantom quickly flagged the site as…
Montana Attorney General launches investigation into Lee Enterprises data breach
Seaborn Larson reports that the Montana Attorney General’s Office is investigating the Lee Enterprises ransomware attack by Qilin: Montana Attorney General Austin Knudsen announced Friday his office has launched an investigation into Lee Enterprises following a cyber attack on company systems earlier this year that compromised the personal data of nearly 40,000 employees and subscribers….
AT&T gets preliminary approval for $177 million data breach settlement
Mike Scarcella reports: A U.S. judge granted preliminary approval on Friday to a $177 million settlement that resolves data security lawsuits against AT&T over breaches that exposed personal information belonging to tens of millions of the telecom giant’s customers. U.S. District Judge Ada Brown in the federal court in Dallas, Texas, said in a ruling…
Aflac notifies SEC of breach suspected to be work of Scattered Spider
On June 20, Aflac notified the SEC of unauthorized access to its network: On June 12, 2025, Aflac Incorporated, a Georgia corporation (the “Company”), identified unauthorized access to its network. The Company promptly initiated its cybersecurity incident response protocols and believes that it contained the intrusion within hours. The Company’s business remains operational, and its…