Collaborate Disseminate
Yesterday was not a great day for Okta. Their CSO, David Bradbury, issued a statement responding to Lapsus$’s claimed hack, but his statement led to a counter-response by Lapsus$ and even more critically, perhaps, people started asking why, if Ok… Continue reading Okta’s response to Lapsus$’s claimed hack has people asking, “Why didn’t you tell us in January?”
After multiple unsuccessful attempts to get a popular Japanese medical online consultation site to secure a misconfigured bucket, researchers at SafetyDetectives have decided to publicly disclose the leak. Doctors Me provides customers with on-demand a… Continue reading Japanese medical online consultation site leaking consumer-submitted images of symptoms
The web site of Argentina’s senate was hit by a ransomware attack on or about January 12. Unlike other entities that do not disclose quickly, the Senate issued a statement on Twitter about Vice Society’s attack two days later: 🗣El Senado de… Continue reading “It took 6 hours to get access to every IT system” of Argentina’s Senate – Vice Society
In October 2021, the School District of Janesville in Wisconsin disclosed that they had experienced a ransomware incident. At the time, they said that no data had been accessed or destroyed and that they had not received any ransom demand. In short ord… Continue reading WI: New development in Janesville school district ransomware incident
From the notice on their website: Notice Regarding Recent Data Breach What Happened? On January 18, 2022, Wheeling Health Right discovered that our organization was victimized by a ransomware attack that encrypted our systems. Upon discovery of the sec… Continue reading WVa: Wheeling Health Right victim of ransomware attack
Marianne Kolbasuk McGee reports: A healthcare services contractor has agreed to pay a $933,000 settlement in a federal whistleblower case involving alleged false claims by the entity about the security of electronic medical records containing the infor… Continue reading Comprehensive Health Services Pays False Claims Act Settlement Involving EMR Security
Economic Times reports: The RBI barred Paytm Payments Bank from taking on new customers on March 11 because it had allowed data to flow to servers abroad in violation of India’s rules, and didn’t properly verify its customers, Bloomberg reported on Mon… Continue reading PayTM clarifies RBI bar on new customers
Robert Locklear reports: If you use the popular chatting platform Discord, in recent months, you may have been duped by a link from someone you thought was a friend. If you clicked, there’s a decent chance you are still locked out of your account. [… Continue reading Discord is plagued by hackers and users say the company doesn’t care
PhySynergy has disclosed a vendor breach involving IberiaBank’s lockbox service provider, Technology Management Resources, that may have impacted some of its customers and/or patients. From their press release: HUNTSVILLE, Ala., March 4, 2022 /PR… Continue reading Another Technology Management Resources client reports a data breach
Labette Health in Kansas has started notifying employees and patients of a data security incident. According to a statement on their website, an investigation determined that unauthorized individual(s) potentially accessed and acquired information from… Continue reading KS: Labette Health discloses October, 2021 data security incident