Collaborate Disseminate
The Justice Department today announced the seizure of Rydox, an illicit website and marketplace dedicated to selling stolen personal information, access devices, and other tools for carrying out cybercrime and fraud, and the arrest of Rydox administrat… Continue reading Rydox Cybercrime Marketplace Shut Down and Three Administrators Arrested
Kyodo News reports that Japanese publishing firm Kadokawa Corporation paid Black Suit $2.98 million in cryptocurrency after a ransomware attack in June. But looking at BlackSuit’s leak site, it appears BlackSuit leaked their data anyway. A screen… Continue reading Japanese publisher paid BlackSuit $3 million, but BlackSuit leaked their data anyway – reports
A press release from Dutch Politie: Starting this week, law enforcement agencies from fifteen different countries, together with Europol, are once again taking large-scale action against DDoS-for-hire services. In Operation PowerOFF, three arrests were… Continue reading Global Police Action Against DDoS Attackers: Operation PowerOFF
The following announcement by HHS OCR stems from an accidental exposure of protected health information online that continued for several years. Inmediata’s incident resulted in a class action lawsuit that was settled for $1.1 million in 2022, an… Continue reading HHS OCR settles charges that Inmediata Health Group exposed 1.6 million patients’ PHI online
Watsonville Community Hospital in California is continuing to work through what they refer to as a cyberattack on November 29. The hospital’s network has been offline since then with staff reverting to “downtime” procedures using pape… Continue reading Watsonville Community Hospital still dealing with November cyberattack
On Christmas, December 2023, Anna Jaques Hospital (AJH) in Massachusetts was grappling with a cyberattack that knocked out their EHR system and resulted in them having to divert ambulances to other area hospitals. On January 23, they posted a prelimina… Continue reading Anna Jaques Hospital notifies 316,300 people about 2023 ransomware attack
David Gilmour reports: President-elect Donald Trump’s FBI director pick, Kash Patel, was informed by the agency he’ll soon lead that he’d been targeted by Iranian hackers, sources familiar with the situation revealed to CNN. Hackers reportedly accessed… Continue reading Trump FBI Pick Kash Patel’s Emails Accessed By Iranian Hackers: Report
Earlier today, DataBreaches posted an HHS OCR announcement of a settlement with a HIPAA covered entity. A former contractor had accessed its electronic medical record system on three occasions without authorization to retrieve PHI for use in potential … Continue reading Failure to terminate access can be costly. Very costly.
DataBreaches hates reporting on an incident when the entity has not yet secured misconfigured storage, but after four months of futile efforts to get a Canadian clinic to respond to responsible disclosures, maybe publication will help get them off the … Continue reading Bolton Walk-In Clinic in Ontario: lock down your backup already!
NEW YORK – New York Attorney General Letitia James and New York State Department of Financial Services (DFS) Superintendent Adrienne A. Harris today secured $11.3 million in penalties from two auto insurance companies, the Government Employees Insuranc… Continue reading Attorney General James and DFS Superintendent Harris Secure $11.3 Million from Auto Insurance Companies over Data Breaches