In July, DataBreaches.net reported on a breach involving Talbert House that had been listed on the “Marketo” leak site, a site where hacked or leaked data is stolen (the site has no connection whatsoever to Adobe’s Marketo). As reported at the time, Talbert House is an agency in Ohio with a network of services focusing…
NY: Rehabilitation Support Services notifies clients and employees of data breach
In July, DataBreaches.net reported that threat actors calling themself “Grief” claimed to have attacked NY-based Rehabilitation Support Services (RSS), an agency that provides services to more than 3,000 individuals with psychiatric and substance abuse disorders each year. Grief claimed to have exfiltrated 4 GB of data from RSS, and offered some small proof of claim. For…
Barlow Respiratory Hospital recovering from breach but may have a long incident response road ahead
Barlow Respiratory Hospital has locations in California, and given how COVID has so many respiratory complications, you would imagine that they have been incredibly busy this year. On August 27, they experienced a ransomware attack, an attack claimed by threat actors who call themselves Vice Society. The hospital responsibly posted a notice on their web…
Education Department Updates Rules and Criminal Penalties for Accessing Agency Data
Aaron Boyd reports: The Education Department is rolling out new rules for accessing and handling agency data by third parties—including students, parents and loan companies—with updated criminal penalties for anyone not following the new statutes. The new rules intend to bring the department into compliance with the 2019 Stop Student Debt Relief Scams Act and…
Fujitsu confirms stolen data not connected to cyberattack on its systems
Jonathan Greig reports: Fujitsu has confirmed that data being marketed by cybercriminals is not related to any cyberattack on its systems. Criminal marketplace Marketo claimed to have 4GB of data from Fujitsu last month and began marketing it widely. […] Marketo has also changed its tune, now writing that the stolen data is entirely from Japanese manufacturing…
All of Desert Wells Family Medicine patients’ electronic health records were corrupted and unrecoverable from ransomware attack
On August 30, HHS added Queen Creek Medical Center d/b/a Desert Wells Family Medicine in Arizona to its public breach tool. The entity had reported that 35,000 patients were impacted by a breach involving a hack of the network. We now have more details on that incident available thanks to a public disclosure of their…