Hamed Aleaziz reports: Immigration and Customs Enforcement accidentally posted the names, birthdates, nationalities and locations of more than 6,000 immigrants who claimed to be fleeing torture and persecution to its website on Monday. The unprecedented data dump could expose the immigrants — all of whom are currently in ICE custody — to retaliation from...
There’s an update to the LastPass security incident they disclosed in August. LastPass had released its findings from that incident in a September update, posted on their site. But now there’s another a new disclosure involving an incident facilitated by the August incident. LastPass’s CEO, Karim Toubba, writes: We recently detected unusual activity within a...
Jeff Burt reports: The Russian criminal crew Sandworm is launching another attack against organizations in Ukraine, using a ransomware that analysts at Slovakian software company ESET are calling RansomBoggs. In a Twitter thread, the ESET researchers wrote that they had detected RansomBoggs deployed within the networks of “multiple organizations in Ukraine.” While some aspects of...
Sean McCarthaigh reports: A registered nurse had admitted being guilty of professional misconduct over the unauthorised taking of a large number of confidential patient records and medical files from three nursing homes where she worked in Kerry and Cork. The nurse, Rasa Leliene, appeared before a fitness-to-practise inquiry of the Nursing and Midwifery Board...
Connexin Software, a business associate to numerous pediatric practices, recently notified HHS that it experienced a breach that affected 2,216,365 patients. One thing DataBreaches noted with interest in their substitute notice below is their statement that an unauthorized individual was able to access an offline set of patient data used for data conversion and...
If it sounds like a ransomware attack and they won’t tell you what’s going on for more than one week, I think ransomware sounds like a reasonable guess, and DataBreaches understands why some people are suggesting that. On November 25, The City reported: The computer network system at a major Brooklyn hospital network has...
Molly Reynolds, Nic Wall, and Shalom Cumbo-Steinmetz of Torys LLP write: The Ontario Court of Appeal released a trilogy of decisions on November 25 on the availability of the “intrusion upon seclusion” tort in data breach class actions. At issue was whether the tort can be used against corporate defendants that had been hacked...
Lawrence Abrams reports: A previously unnamed ransomware has rebranded under the name ‘Trigona,’ launching a new Tor negotiation site where they accept Monero as ransom payments. Trigona has been active for some time, with samples seen at the beginning of the year. However, those samples utilized email for negotiations and were not branded under...
In June 2021, DataBreaches reported that Vikas Singla had been indicted on charges relating to a 2018 cyberattack on Gwinnett Medical Center. At the time of the alleged attack, Singla was the chief operating officer of a metro-Atlanta network security company. He was charged with 18 counts of violating the Computer Fraud and Abuse...
De: Klinikum Lippe hospital decrypts data after “intensive negotiations” with ransomware attackers