The UpGuard Team writes: The UpGuard Research team can now disclose multiple data leaks resulting from Microsoft Power Apps portals configured to allow public access – a new vector of data exposure. The types of data varied between portals, including personal information used for COVID-19 contact tracing, COVID-19 vaccination appointments, social security numbers for job applicants, employee…
UT: Phishing attack exposes medical information for 12,000 patients at Revere Health
Sean Hemmersmeier reports: A healthcare employee was the subject of a phishing email attack that exposed some medical records for approximately 12,000 patients, including patients of cardiology practice in St. George, according to a press release sent out by healthcare company Revere Health on Friday. The employee’s email was breached for roughly 45 minutes on…
Chico State Students React to COVID-10 Vaccination Data Breach
Carmela Karcher reports: A data breach at Chico State University exposed the personal information of students who requested COVID-19 vaccination religious exemptions. According to the Associated Press, the information was posted on an anonymous internet message board and leaked records for about 130 students. Read more on CBS12. It’s not clear how this data got…
Poly Network confirms return of hacked funds
Teuta Franjkovic reports: The hacker who recently stole more than $600 million out of Poly Network in one of the biggest computer heists ever, has now handed over the private key for the remaining $141 million of looted cryptocurrency. […] In return, Poly Network is to honour a bounty of 161 Ether worth more than…
Atlanta Allergy & Asthma first mails notices to patients; data was dumped back in March
On March 3, DataBreaches.net reported that Atlanta Allergy & Asthma had apparently been compromised by Nefilim threat actors, who had dumped more than 2 GB of patient-related files on a dedicated leak site. DataBreaches.net not only reported that, but provided a redacted screencap and noted that this site had reached out to the covered entity…
Tokio Marine Insurance Singapore Hit by Ransomware Attack
As seen on Tokio Marine Insurance’s web site: August 16, 2021 Tokio Marine Holdings, Inc. Cyber Incident at Tokio Marine Insurance Singapore Ltd. We announce that Tokio Marine Insurance Singapore Ltd. (hereafter referred to as “TMiS”), one of Tokio Marine Group companies in Singapore, was subject to a ransomware cyber-attack. Upon a detection of the…