Collaborate Disseminate
KPQ reports: The Washington Appeals Court will hear a case from two people suing Chelan Douglas Health District over a security breach. The Health District reported a breach in July of 2021 but did not inform possible victims or the public until March … Continue reading Washington State Appeals Court to hear data breach lawsuit against Chelan Douglas Health District
The UT investigated the decision-making process of victims who had to pay ransoms during ransomware attacks. UT researcher Tom Meurs and his colleagues analyzed 481 ransomware attacks, data from the Dutch police and a Dutch incident response party. Org… Continue reading University of Twente Maps Decision-Making Process for Ransomware Victims
In the process of researching breach reports submitted to HHS, DataBreaches came across a public notice for an incident affecting Primary Health & Wellness Center, LLC in Maryland. The covered entity is to be commended for the details and transpare… Continue reading Primary Health & Wellness Center, LLC’s public notice of ransomware incident
Sergiu Gatlan reports: Today, CISA ordered U.S. federal agencies to secure their systems against three recently patched Citrix NetScaler and Google Chrome zero-days actively exploited in attacks, pushing for a Citrix RCE bug to be patched within a week… Continue reading CISA pushes federal agencies to patch Citrix RCE within a week
Emily Cervantes reports: Hawaii Medical Service Administration employee information may be compromised after their vendor partner fell victim to a cyber attack. In early Sept. 2023, HMSA’s health management service vendor, Navvis, announced they experi… Continue reading HMSA member data possibly compromised after data breach
Tyler Kula reports: Bluewater Health, hardest hit by a cyberattack on five Southwestern Ontario hospitals last fall, had a relatively dated system for storing and sharing patient information at the time, Bluewater Health’s board chairperson says. “It d… Continue reading Bluewater Health getting new, more secure hospital info system
On December 28, DataBreaches published snippets from a chat with a threat actor (TA) who claimed to have involvement with both the Fred Hutch cyberattack and the Integris cyberattack. In the course of that exchange, the TA surprised DataBreaches by cla… Continue reading Fred Hutch failed to reveal threats of potential swatting attacks until this site revealed the threat. Should they have disclosed it themselves?
On September 8, Brady Martz & Associates in North Dakota disclosed a data breach in November 2022 that reportedly affected more than 53,000 individuals. Less than two weeks later, at least four lawsuits had been filed against the firm. Now, four mo… Continue reading Family Healthcare notifying patients of November 2022 breach at Brady Martz & Associates
Keith Gushard reports: The Erie VA Medical Center says it regrets any preventable disclosure of sensitive veteran information and takes appropriate action to inform and protect impacted individuals as quickly as possible. The statement, issued Monday… Continue reading Erie VA Medical Center says it regrets veteran info disclosure
Earlier today, French natural Sébastien Raoult learned his sentence in federal court in Seattle. Raoult, aka “Sezyo,” had been detained in Morocco as he prepared to fly home to France after a vacation. His detention in response to a Red No… Continue reading Sébastien Raoult sentenced in federal court; could be out in less than 11 months