From the U.K.’s Information Commissioner’s Office (ICO): NHS Highland reprimanded for a “serious” data breach amongst those accessing HIV services ICO calls for higher standards when protecting data of people living with HIV Service providers could be fined or reprimanded for exposing sensitive data The Information Commissioner’s Office (ICO) has issued a reprimand to NHS...
Bill Toulas reports: TMX Finance and its subsidiaries TitleMax, TitleBucks, and InstaLoan have collectively disclosed a data breach that exposed the personal data of 4,822,580 customers. TMX is a public financial service that operates equities, fixed income, derivatives, and energy markets exchanges, with a business presence in the United States, Canada, the U.K., Australia,...
There is an update to a story posted on DataBreaches in 2021 about a scary-sounding attempt to hack and control the water treatment plant in Oldsmar, Florida. Today, Chris Teale reports that no, it wasn’t that at all. It was just an employee clicking on some wrong buttons before he informed his supervisor of...
It appears that Lewis & Clark in Oregon has been the victim of a ransomware attack by Vice Society. An urgent notice on the college’s website currently says: Urgent LC Alert: Campus phone service and PioNet Guest Wifi are working. If you are unable to reach Campus Safety at 503-768-7777, call the backup number...
ES: Secondary education center hit by Stormous After several months out of the public eye, the pro-Russian Stormous Ransomware group reappeared in February. Now they have claimed an attack on a secondary education center, the Instituto De Educación Secundaria Ies Emilio Canalejo Olmeda (IESCO) in Cordoba, Spain. On March 30, Stormous listed the entity...
Matsuki Hirayama reports: The unauthorized access into Guam Memorial Hospital’s network is undergoing a detailed review for a possible Health Insurance Portability and Accountability Act or HIPAA breach. The information came to light during the public hospital’s monthly board meeting Wednesday. GMH legal counsel Jeremiah Luther maintains that no patient or employee records were compromised, saying they got...
Jonathan Greig reports: The U.S. government is sending $25 million to the government of Costa Rica to help the country recover from a devastating ransomware attack last year that crippled several key agencies. In May 2022, Costa Rica’s newly elected president Rodrigo Chaves declared a state of emergency after the now-defunct Conti ransomware group severely damaged the Ministry...
Dan Goodin reports: The support team for 3CX, the VoIP/PBX software provider with more than 600,000 customers and 12 million daily users, was aware its desktop app was being flagged as malware, but decided to take no action for a week when it learned it was on the receiving end of a massive supply chain...
Yesterday, DataBreaches reported that a vendor’s breach discovered in November 2021 was first being disclosed by a number of hospitals. Rather than do separate posts as each additional hospital becomes known, you can bookmark that post, where you can scroll down and find updates as DataBreaches becomes aware of them. At the present time,...
Nine months after ransomware attack, Atlantic Dialysis Management Services notifies patients and regulators