Breach Incidents – Page 32 – WindowsTechs.com

Insufficient Data Security and Disregard for Student Data Privacy Plague the DeKalb County School District; With Commentary by Jim Siegl

Posted on May 9, 2022 by Dissent

Keegan Brooks writes: The DeKalb County School District has been making thousands of files containing sensitive student and staff information widely accessible to anyone in the district. Types of information exposed have included social security number… Continue reading Insufficient Data Security and Disregard for Student Data Privacy Plague the DeKalb County School District; With Commentary by Jim Siegl→

Sunday notes: Welldyne, North Alabama Bone & Joint Clinic disclose breaches affecting patient data

Posted on May 8, 2022 by Dissent

A Sunday two-fer on health data breaches: WellDyneRx, LLC (“WellDyne”) issued a press release on May 6 concerning an incident they first detected on December 2. The Florida-headquartered pharmacy benefits service provider’s investigat… Continue reading Sunday notes: Welldyne, North Alabama Bone & Joint Clinic disclose breaches affecting patient data→

Cybercrime loves company: Conti cooperated with other ransomware gangs

Posted on May 7, 2022 by Dissent

Seems to be a lot of Conti-related analyses this week, as well as the $10 million reward offered by the government for information leadings to Conti’s leaders. From Intel471: Software developers often depend on the collective knowledge of the ind… Continue reading Cybercrime loves company: Conti cooperated with other ransomware gangs→

Conti and Hive ransomware operations: Leveraging victim chats for insights

Posted on May 7, 2022 by Dissent

Kendall McKay and colleagues Paul Eubanks and Jaime Filson of Talos issued a report this week with some interesting insights. EXECUTIVE SUMMARY Through open-source research, we obtained and analyzed over four months of chat logs — more than 40 separate… Continue reading Conti and Hive ransomware operations: Leveraging victim chats for insights→

Update: U.S. v. Robert Purbeck aka “Lifelock”

Posted on May 6, 2022 by Dissent

Long-time readers may recall that in 2017 and 2018, DataBreaches.net reported on hacks of two medical practices by someone calling himself “Lifelock.” DataBreaches’ past reporting on him can be found in this July, 2017 post (see comments un… Continue reading Update: U.S. v. Robert Purbeck aka “Lifelock”→

Another school district notifies parent of Illuminate breach

Posted on May 5, 2022 by Dissent

Natalie Chuck reports that another district in Colorado has sent letters to parents about the breach at Illuminate Education that impacted more than 820,000 students in New York City as well as 24 other districts and 18 charter schools in NY: Someone, … Continue reading Another school district notifies parent of Illuminate breach→

Breast Cancer Support Organization Leaks Data Despite Multiple Notifications?

Posted on May 3, 2022 by Dissent

SafetyDetectives recently reported that Breastcancer.org has been exposing sensitive information in a misconfigured AWS bucket. According to their report, exposed data included more than 50,000 registered user avatars and more than 300,000 post images … Continue reading Breast Cancer Support Organization Leaks Data Despite Multiple Notifications?→

Excellus Health Plan Settles Data Breach Suit With Policyholders

Posted on May 3, 2022 by Dissent

Samantha Hawkins reports: Excellus Health Plan Inc. will settle a data breach lawsuit with a certified class over a 2013 hacking incident that compromised the personal data of approximately 10 million policyholders. Matthew Fero, who filed the suit aga… Continue reading Excellus Health Plan Settles Data Breach Suit With Policyholders→

Health startup myNurse to shut down after data breach exposed health records

Posted on May 3, 2022 by Dissent

Zack Whittaker reports: myNurse, a healthcare startup that provides chronic care management and remote patient monitoring services, said it will shut down at the end of the month after reporting a data breach that exposed personal health information of… Continue reading Health startup myNurse to shut down after data breach exposed health records→

ARcare reports breach; Smile Brands updates its disclosure to 2.6 million affected

Posted on April 26, 2022 by Dissent

Two reports that I have been reading today: ARcare ARcare in Arkansas is notifying people whose personal and/or medical information may have been accessed or acquired in a malware incident. The malware enabled an unauthorized actor to access or acquire… Continue reading ARcare reports breach; Smile Brands updates its disclosure to 2.6 million affected→