Collaborate Disseminate
Amanda Audi reports: Federal government agencies were convicted for leaking data of beneficiaries of Auxilio Brasil, a flagship federal aid program now renamed as Bolsa Familia, to financial agencies offering payroll deduction loans to low-income Brazi… Continue reading Brazil’s government convicted for data leak exposed by The Brazilian Report
Sri Lanka Mirror reports: All Government offices using the “gov.lk” email domain, including the Cabinet Office, have lost data from May 17 to August 26, 2023, after a massive ransomware attack, the Information and Communication Technology Agency (ICTA)… Continue reading Massive ransomware attack on Sri Lanka’s state email domain
Some state and federal laws provide specific timeframes by which breached entities must provide notice to regulators and to those affected by a data breach. Unfortunately, loopholes abound, as we seen in statutory language such as Minnesota’s bre… Continue reading An inexcusable gap from breach to notification, or an excusable one?
KSTP reports: The Minnesota Department of Employment and Economic Development (DEED) says it’s notified job seekers that a recent security incident may have resulted in some personal information being compromised. A DEED spokesperson says the agency re… Continue reading Minnesota Department of Employment and Economic Development: security incident may have resulted in some job seekers’ contact info being compromised
Coca-Cola FEMSA is the bottler of Coca-Cola and its related soft drink products in much of Latin America, which makes it an important part of the Coca-Cola system. This week, a threat actor known to DataBreaches as “TheSnake” and as the per… Continue reading Coca-Cola FEMSA victim of ransomware attack and data leak
Jackson County Schneck Memorial Hospital (Schneck Medical Center) was a victim of a cyberattack in 2021. Its 2021 and 2022 disclosures about the breach and its lack of timely breach notification resulted in a potential class action lawsuit filed in 202… Continue reading Schneck Medical Center settles Indiana Attorney General’s lawsuit over 2021 data breach
Rite Aid was one of numerous entities affected by the massive MOVEit breach. In July, they disclosed that 24,400 patients’ pharmacy information including medication names and dates of fill, prescriber information and limited insurance information… Continue reading Rite Aid, one of many victims in MOVEit breach, sued for negligence
On September 2, Ragnar_Locker added Do IT Consultants in Canada to their “Wall of Shame.” For its listing, they wrote: Due to high level negligence and careless network security of DO IT employees, has been allowed a huge leak which affect… Continue reading Do IT Consultants victim of attack by Ragnar_Locker
After the arrest of Breached.vc’s owner “Pompompurin” in March, Breached.vc was taken offline by an administrator because it seemed likely the server had been compromised by law enforcement. Months later, the domain was seized by law… Continue reading “i know it hurts your little dick seeing a true hacker like me in a crowd full of skids and sheep,” said a man with no knowledge of anatomy
On April 1, DataBreaches reached out to Bienville Orthopaedic Specialists (BOS) in Mississippi to ask about a claim by Abyss threat actors that they had compromised BOS. BOS never replied. But now, five months later, BOS submitted a breach notification… Continue reading Bienville Orthopaedic Specialists notifies 243,000 patients of cyberattack