Collaborate Disseminate
In addition to Florida, represented by Consumer Protection Division Multistate and Privacy Bureau Chief Patrice Malloy and Senior Assistant Attorney General Diane Oates, the following states joined the action: Connecticut, Indiana, New Jersey, New York… Continue reading States settle with Morgan Stanley for $6.5 million over data security incidents
It’s not often DataBreaches reads a breach disclosure that reports the theft of already-encrypted data, but a notification by Systems East, Inc. (SEI) in New York reported one such incident. SEI, which provides e-payment solutions and online paym… Continue reading Systems East, Inc. notifies 209,000 consumers after database with some payment card info was hacked
When DataBreaches compiles statistics on health data breaches for Protenus’s annual Breach Barometer, Nebraska generally has fewer than 10 breaches per year. Seeing two reports in one brief period is a bit unusual. This week, DataBreaches found t… Continue reading We seldom see breach reports from Nebraska, so here are two.
The NoEscape ransomware gang claims to have attacked two more medical entities. The first one is Southeastern Orthopaedic Specialists, P.A. in North Carolina. According to the threat actors, the network was locked on October 25, and 3 GB of file… Continue reading NoEscape gang adds two more medical entities to their leak site
Hunters International has added a property management firm in Kentucky to their leak site. They provide a description of what they claim to have acquired from Homeland, Inc.: Over 200Gb of data – tenants info (ssn, income, family members, phone n… Continue reading Property management firm Homeland, Inc. allegedly hacked, hackers claim to have hundreds of thousands of SSN of tenants
— An OpEd by DataBreaches– When it comes to data breach disclosures, the very same entities who claim to take our privacy and security very, very seriously are generally not being transparent in their breach disclosures. Their refusal to b… Continue reading If entities continue to obfuscate and lie, it’s time to mandate more transparency in breach disclosures
Sometimes you think you did a good job — and sometimes you actually did do a good job compared to everyone else — but someone comes along and says what you did wasn’t satisfactory at all. And when that “someone” is the U…. Continue reading Was a recent OCR settlement fair? Maybe, but maybe not.
As the Toronto Star and CBC first reported last month, Michael Garron Hospital in Toronto has been investigating a cyberattack it discovered on October 23. In its update on October 26, the hospital reported that it was actively investigating what they … Continue reading Michael Garron Hospital confirms some employee and clinician data stolen in cyberattack; Akira claims it stole 882,000 files
It looks like “SingularityMD,” the hacker(s) of Clark County School District in Nevada and Jeffco Public Schools in Colorado, are looking to start selling the data they exfiltrated. In an introductory post today on Breach Forums, they write… Continue reading Time’s up: SingularityMD sets up to sell data from Jeffco Public Schools
On September 30, AlphV threat actors (aka BlackCat) added McLaren Health Care to their dark web leak site. They updated their listing on October 4, claiming to have data on 2.5 million people. That same week, McLaren confirmed that they had been the vi… Continue reading McLaren Health Care notifying 2.2 million patients about the BlackCat attack in August