Collaborate Disseminate
Sergiu Gatlan reports: Healthcare software as a service (SaaS) company Phreesia is notifying over 910,000 people that their personal and health data was exposed in a May breach of its subsidiary ConnectOnCall, acquired in October 2023. ConnectOnCall is… Continue reading ConnectOnCall breach exposes health data of over 910,000 patients
ADMINISTRATIVE PROCEEDING File No. 3-22360 December 16, 2024 – The Securities and Exchange Commission today filed settled charges against Flagstar Bancorp, Inc. (now known as “Flagstar Financial, Inc.”), for making materially misleadi… Continue reading Securities and Exchange Commission Settles Charges Against Flagstar for Misleading Investors About Citrix Data Breach
December 9 enforcement action by the Privacy Commission of Hong Kong: Data Breach Incident of the Electrical and Mechanical Services Department (EMSD) The investigation arose from a data breach notification submitted by the EMSD to the PCPD on 1 May 20… Continue reading Hong Kong Privacy Commissioner’s Office Publishes Investigation Findings on the Electrical and Mechanical Services Department Data Breach
Carly Page reports: Security researchers are warning that hackers are actively exploiting another high-risk vulnerability in a popular file transfer technology to launch mass hacks. The vulnerability, tracked as CVE-2024-50623, affects software develop… Continue reading Hackers are exploiting a flaw in popular file-transfer tools to launch mass hacks, again
Termite threat actor(s) have now claimed responsibility for the Blue Yonder ransomware attack that has caused widespread impact. They provide no proof as yet, but a note posted on their dark web leak site several hours ago says, “Our team got 680… Continue reading Developing: Blue Yonder ransomware attack claimed by Termite
Earlier today, DataBreaches posted an HHS OCR announcement of a settlement with a HIPAA covered entity. A former contractor had accessed its electronic medical record system on three occasions without authorization to retrieve PHI for use in potential … Continue reading Failure to terminate access can be costly. Very costly.
Waqas reports: As the holiday season kicks off, a ransomware attack on Blue Yonder, the world’s leading supply chain management software provider, has disrupted operations for Starbucks and other retailers worldwide. The attack, reportedly, affected th… Continue reading Starbucks Shifts to Manual Processes After Contractor Ransomware Attack
Bill Toulas reports: A data breach at an unnamed French hospital exposed the medical records of 750,000 patients after a threat actor gained access to its electronic patient record system. A threat actor using the nickname ‘nears’ (previous… Continue reading Cyberattack at French hospital exposes health data of 750,000 patients
Sergiu Gatlan reports: Amazon confirmed a data breach involving employee information after data allegedly stolen during the May 2023 MOVEit attacks was leaked on a hacking forum. The threat actor behind this data leak, known as Nam3L3ss, published over… Continue reading Amazon confirms employee data breach after vendor hack
DataBreaches has previously reported some of the developing news concerning a cyberattack on Cencora/Lash Group. Our coverage focused on affected U.S. entities, but Canadian and UK entities were also affected. Wire News Fax reports: Medical and person… Continue reading Ca: Innomar Strategies patients affected by a cyber attack