Data Breaches News and Analysis
Open database exposes 93M files on patients of substance abuse facilities
A misconfigured AWS s3 storage bucket reportedly exposed roughly 93 million billing files that contain information on patients of three drug and alcohol addiction facilities operated by San Juan Capistrano, California-based Sunshine Behavioral Health, LLC. Patients at SBH’s Monarch Shores location in San Juan Capistrano; Chapters Capistrano facility in San Clemente, Calif.; and Willow Springs…
Arkansas AG reiterates need to report medical data breaches
Arkansas Attorney General (AG) Leslie Rutledge has advised the state’s medical practitioners of their responsibilities regarding when to report a data breach under the federal state’s Personal Information Protection Act (PIPA). Meanwhile, in neighboring Tennessee the state-run medical service TennCare reported that 43,847 members had their information exposed in a data breach that took place…
Gates: Stone discussed WikiLeaks DNC email dump with Trump
A day before House impeachment hearings drew President Trump’s Ukraine policies into the spotlight, prosecutors in the Roger Stone trial ended their case with testimony from former Trump Deputy Campaign Manager and convicted felon Rick Gates, who said that Stone served as a liaison between WikiLeaks and the campaign regarding hacked DNC emails, with the…
With election on horizon, U.K.’s Labour Party contends with DDoS attacks
The U.K. Labour Party’s digital platforms have been the target of distributed denial of service attack activity since yesterday, impeding access to the political body’s main website. The initial wave of DDoS attacks took place on Nov. 11. Multiple news reports today quoted a Labour Party spokesperson as saying that the barrage of fake traffic…
Report: Recently breached Capital One reassigns its CISO
Capital One Financial Corporation is reportedly reassigning its chief information security officer Michael Johnson to an advisory role, less than four months after the bank holding company disclosed a data breach affecting more than 100 million individuals. Johnson will instead server as senior vice president and special cybersecurity advisor, TechCrunch reported, cited a Capital One…
MegaCortex ransomware variant threatens data breach, alters credentials
A newly discovered variant of MegaCortex ransomware goes well beyond just encrypting victims’ files — it also changes their Windows passwords and threatens to publish their stolen data if they fail to pay. In a report earlier this week, BleepingComputer said it helped analyzed the new strain after it was discovered by MalwareHunterTeam and subsequently…
Maine’s InterMed suffers data breach, 30,000 affected
The Portland, Maine healthcare provider InterMed is informing about 30,000 patients that some of their PHI has been involved in a data breach. The facility learned on September 6, 2019 that an employee’s email account had been hacked a few days prior, which led to several other accounts also being breached between September 7-10. An…
Trend Micro hit with insider attack
Trend Micro was the target of an insider threat that saw about 100,000 of its consumer customers have their account information stolen, sold and used to make scam phone calls. Less than one percent of Trend Micro’s 12 million consumer customers were compromised when an employee improperly accessed their data and then sold it to…
Steyer aide resigns after accessing volunteer data collected by Harris campaign
Presidential candidate Tom Steyer’s campaign said it doesn’t possess the volunteer voter data collected by Sen. Kamala Harris’s campaign that was lifted by Steyer aide Dwane Sims, who accessed the information via an account he had while working with the South Carolina Democratic Party. “We take this matter very seriously, and that is why we…
Every Desjardins customer impacted by June data incident
The Canadian financial services company Desjardins now believes all 4.2 million of its members were affected by a data incident that took place earlier this year. The company on October 31 was informed by the Sûreté du Québec that the data breach announced on June 20 actually impacted all 4.2 million 4.2 million individual caisse…
NCR blocked Mint, Quickbooks after attackers take over, drain accounts
For a short while starting late last month NCR Corp. blocked Mint and QuickBooks from its Digital Insight banking platform after cybercriminals used the financial data aggregators sites to take over and tap consumer bank accounts. Citing a chief security officer at a credit union, KrebsOnSecurity reported that the attackers automated unauthorized logins occurring in…
Two guilty pleas in Uber and Lynda.com hacking case
Two men reportedly face a up to five years in prison after pleading guilty in federal court on Wednesday to hacking into Uber’s and Lynda.com’s databases and holding their contents for ransom. According to reports, Brandon Glover of Winter Springs, Florida and Vasile Mereacre of Toronto, Canada, admitted to hacking into the GitHub accounts of Uber…
Ontario Science Centre’s marking firm hit with breach, 174K affected
A third-party email vendor for the Ontario Science Centre suffered a data breach exposing some PII of 174,000 of the Centre’s members, donors and customers. The Centre learned of the breach on August 16 when the educational center’s outside email marketing firm Campaigners reported that sometime between July 23 and August 7 an unauthorized person…
Web.com discloses breach affecting customer account info
Domain name registration and web development services provider Web.com has disclosed a recent data breach that impacts users’ account information, and apparently also affects customers of its Network Solutions and Register.com brands. The breach took place in late August 2019 when an unauthorized third party illegally accessed “a limited number of our computer systems,” the company explained…
Bed Bath & Beyond declares data incident
Home goods retailer Bed Bath & Beyond yesterday disclosed in a Securities & Exchange Commission 8-K filing that an unauthorized third party illegally accessed one percent of its online customers’ accounts. The online intruder acquired the account emails and passwords from a “source outside the company’s systems,” the Union Township, N.J. retailer reported. Based on…
UniCredit data breach impacts 3 million Italians
Italian global banking and financial services company UniCredit S.p.A. yesterday disclosed a data breach incident involving a file containing roughly 3 million records. The file was generated in 2015, which suggests that customers who created accounts in 2016 and beyond are likely safe. Affected information consisted of customers’ names, cities, telephone numbers and emails. UniCredit…
Data breach causes 10 percent of small businesses to shutter
Data breaches hitting massive entities like Equifax, Facebook and Target grab headlines, but the impact on small businesses is just as severe with attacks causing bankruptcy or even forcing a firm to shutter its doors. A report issued by the National Cyber Security Alliance, based on a Zogby Analytics survey of 1,008 small businesses with…
Adobe leaves Creative Cloud database open, 7.5 million users exposed
An unsecured Elasticsearch database left exposed the account information of about 7.5 million Adobe Creative Cloud users. Comparitech, in association with security researcher Bob Diachenko, found the Adobe database, which could be accessed without a password or any login credentials. The company was notified on October 19 and the database was locked down that day.…
Phishing scam behind Kalispell Regional Healthcare data breach
Kalispell Regional Healthcare (KRH) just reported a cyberattack that took place in late August and exposed patients’ health information. The Kalispell, Mont. facility had several employees fall for a phishing email scam, resulting in the attackers gaining the login credentials to KRH’s system, the hospital said in a statement. “This summer we discovered that several…
NordVPN confirms 2018 breach
VPN provider NordVPN revealed yesterday that a third-party server located in Finland it had been leasing was accessed in March 2018. The company said the intruder was able to acquire an expired TLS key from the server, but otherwise no other data was endangered. The access was accomplished through an insecure remote management system account…
