Farah Yousry reports the aftermath of a ransomware attack by Hive that was previously reported on DataBreaches in 2021: As the second year of the pandemic was nearing an end, employees at Johnson Memorial Health hoped they could catch their breath after dealing with a weeks-long tsunami of COVID-19 hospitalizations and deaths. But on...

NYS Attorney General Letitia James announced a settlement: New York Attorney General Letitia James secured $200,000 from the law firm, Heidell, Pittoni, Murphy & Bach LLP (HPMB) for failing to protect New Yorkers’ personal and healthcare data. HPMB’s poor data security measures made it vulnerable to a 2021 data breach that compromised the private information of...

On March 15, DataBreaches was contacted by a researcher who had found  a “bunch of medical docs.” The files included patient intake evaluations, laboratory results, medical records requests, insurance information forms, treatment or consultation notes, and other files you would expect to see in a patient’s records. The patients all appeared to be in...

In a March 11 post about non-U.S. hospitals that had been victims of cyberattacks, DataBreaches had noted a report about CHU-BREST. Valéry Rieß-Marchive of LeMagIT has an update and more details on the incident. The following uses machine translation from the original French: During a press briefing, this Friday, March 24, the direction of...

Dan Milmo reports: Twitter has revealed some of its source code has been released online and the social media platform owned by Elon Musk is taking legal action to identify the leaker. According to a court filing made on Friday, Twitter is demanding that GitHub, a code-sharing service, identifies who released on the platform...

From Europol: In response to the growing public attention given to ChatGPT, the Europol Innovation Lab organised a number of workshops with subject matter experts from across Europol to explore how criminals can abuse large language models (LLMs) such as ChatGPT, as well as how it may assist investigators in their daily work. Their...

Reuters reports: Australia’s biggest casino operator Crown Resorts said on Monday it was investigating a data breach at its third-party file transfer service, GoAnywhere, in which hackers obtained a limited number of Crown’s files. “We were recently contacted by a ransomware group who claimed they have illegally obtained a limited number of Crown files,”...

Part of ABC’s write-up today: What do we know about who has been hit by the cyber attack? The consumer finance company announced on Monday: 7.9 million Australian and New Zealand drivers licence numbers have been stolen about 53,000 passport numbers were stolen less than 100 customers had a monthly financial statement stolen An additional 6.1...

From the FTC: The Federal Trade Commission staff are seeking information on the business practices of cloud computing providers including issues related to the market power of these companies, impact on competition, and potential security risks. In a Request for Information, FTC staff are seeking information about the competitive dynamics of cloud computing, the extent...