Collaborate Disseminate
KillSec3 is a ransomware group, but is it really encrypting its victims these days? Recent data suggests that its affiliate(s) may be trying to extort victims using data that has already been publicly leaked. The following was researched and written by… Continue reading Is KillSec3 Trying to Extort Victims Using Publicly Leaked Data?
On January 9, 2024, DataBreaches reported that French national Sébastien Raoult had been sentenced in a Seattle federal court, but might be out in 11 months. As a suspected member of ShinyHunters, Raoult (aka “Sezyo Kaizen”) had been extra… Continue reading Alleged ShinyHunters member returned to France after prison in the U.S., now facing French charges
Bloomberg Law reports that an accused teenage hacker who was arrested last month in California is suspected of being a member of Scattered Spider, according to several people familiar with the matter. Remington Goy Ogletree (“remi”) was arr… Continue reading Scattered Spider Hacking Gang Arrests Mount With Teen
Express Employment Professionals (“Express Pros“) describes itself as a leading staffing agency in the U.S., “specializing in matching job seekers with the best jobs for their skills and experience.” Express Pros is the flagship… Continue reading Express Services disclosed a data breach. One month later, they learned they had a second data security problem.
Kevin Collier reports: Amid an unprecedented cyberattack on telecommunications companies such as AT&T and Verizon, U.S. officials have recommended that Americans use encrypted messaging apps to ensure their communications stay hidden from foreign h… Continue reading U.S. officials urge Americans to use encrypted apps amid unprecedented cyberattack
Advant Beiten writes: A law increasing administrative liability for personal data leaks was signed on 30 November 2024 (No. 420-FZ) (the “Law“). The Law will enter into force on 30 May 2025. A new article of the Criminal Code of the Russian… Continue reading Unprecedented increase in liability for personal data leaks in the Russian Federation to take effect in May 2025
Irvin Jackson reports: Parties involved in the federal Change Healthcare data breach lawsuits have been ordered to meet separately with a U.S. Magistrate Judge over the next two months, to discuss the most effective structure for settlement talks and t… Continue reading Change Healthcare Data Breach Settlement Talks To Be Explored Early in MDL
In April 2019, DataBreaches reported that Gulf Coast Pain Consultants, LLC d/b/a Clearway Pain Solutions Institute had recently notified patients after discovering on February 20 that their EMR system had been accessed by a third party without authoriz… Continue reading HHS Office for Civil Rights Imposes a $1.19 Million Penalty Against Gulf Coast Pain Consultants for HIPAA Security Rule Violations
Background information Date of final decision: 20 May 2024 National case Legal Reference (s): Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 32 (Security of processing) Decision: … Continue reading Administrative fine of €330,000 issued to Polish medical company after a hacking incident
Sergiu Gatlan reports: Russian law enforcement has arrested and indicted notorious ransomware affiliate Mikhail Pavlovich Matveev (also known as Wazawaka, Uhodiransomwar, m1x, and Boriselcin) for developing malware and his involvement in several hackin… Continue reading Russia arrests cybercriminal Wazawaka for ties with ransomware gangs