Cl (Update): Failure to patch resulted in an embarrassing government leak Last week, DataBreaches noted that Guacamaya Group hacktivists had leaked emails from El Estado Mayor Conjunto De Chile (EMCO), the advisory body of the Chilean Ministry of Defense, the Joint Chiefs of Staff, and other governments. Now BiobioChile reports the government is considering...
DataBreaches has not seen anything on HHS’s public breach tool, but the Coeur Group in Omaha, Nebraska, published a legal notice about a cybersecurity incident involving patient information. According to their statement, an employee’s email account in Coeur Group’s business email system was compromised between June 7 and July 12, 2022. The breach was discovered...
Sergiu Gatlan reports: Microsoft has confirmed that two recently reported zero-day vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019 are being exploited in the wild. “The first vulnerability, identified as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability, while the second, identified as CVE-2022-41082, allows remote code execution (RCE) when PowerShell is accessible...
John Fokker writes: We’ve recently seen reports that the REvil ransomware gang is back online after the January 2022 arrests of several its members by Russian authorities claiming to dismantle the group and the November 2021 arrests of two members by U.S. authorities. While it remains to be seen if this re-emergence of REvil...
Reuters reports: A former US Army major and his anesthesiologist wife have been criminally charged for allegedly plotting to leak highly sensitive healthcare data about military patients to Russia, the Justice Department revealed on Thursday. Jamie Lee Henry, the former major who was also a doctor at Fort Bragg in North Carolina, and his...
David O’Dornan and Paul Higgins report: A teenager today denied creating a computer virus which allegedly ‘crashed hundreds of financial institutions across the world when he was just 14 years old. Josh Maunder, now 18, from Abbey Park in Bangor, Co Down in Northern Ireland, entered not guilty pleas to each of the 21 charges...
Josh Taylor reports: Former Virgin Mobile and Gomo customers are the latest to have been informed by Optus that their personal information was exposed in the company’s massive data breach, as an identification repair service reveals it has fielded a month’s worth of complaint calls in three days. Read more at The Guardian. In related news,...
Ravie Lakshmanan reports: A threat actor by the name of LeakBase has shared a database containing personal information allegedly affecting 16 million users of Swachh City, an Indian complaint redressal platform. Leaked details include usernames, email addresses, password hashes, mobile numbers, one-time passwords, last logged-in times, and IP addresses, among others, according to a...
Brendan Rascius reports: A Maryland woman accused of using stolen credit and debit card information — then using it to shop online — has been charged with 120 counts of theft and fraud, police said in a news release. The woman was employed at a Walgreens in Cambridge, Maryland, a riverside city of about...
Data Breach at Canadian Border Agency Contractor Involved up to 1.38 Million Licence Plates