DataBreaches.net

Want to know more about data breach laws?

See Laws

Want to know more about us?

See About Us

Need to Contact Us?

See Contact

Follow Us on Twitter

Dissent Doe, PhD

Lee J

Chum1ng0

Latest News

Recent Security Incident: Statement from SHI

Over the Fourth of July holiday weekend, SHI was the target of a coordinated and professional malware attack. Thanks to the quick reactions of the security and IT teams at SHI, the incident was swiftly identified and measures were enacted to minimize the impact on SHI’s systems and operations. These preventative measures included taking...

North Korea is targeting hospitals with ransomware, U.S. agencies warn

Kevin Collier reports: The U.S. government said Wednesday that North Korea is behind a recent strain of ransomware cyberattacks on hospitals and other health care facilities. The warning is the starkest alert to date that North Korea, which the U.S. has long alleged uses its hackers to raise money for state programs like its nuclear...

VCU Health identifies and addresses a 16-year privacy breach

Soap operas are almost always long-running. Privacy breaches should not be, and 16 years is a very long time for a problem to go undetected. But it appears that’s what happened to the Virginia Commonwealth University Health System (“VCU Health”). Last month, VCU Health disclosed that they had recently learned that beginning as early...

No need to hack, when it’s leaking, Wednesday edition: WeWork India, Proud Makatizen in Philippines

Two large leaks involving personal information discovered by researchers. First up, Zack Whittaker reports: WeWork India has fixed a security lapse that exposed the personal information and selfies of tens of thousands of people who visited WeWork India’s coworking spaces. Security researcher Sandeep Hodkasia found visitor data spilling from the check-in app on WeWork India’s website,...

NPM supply-chain attack impacts hundreds of websites and apps

Sergiu Gatlan reports: An NPM supply-chain attack dating back to December 2021 used dozens of malicious NPM modules containing obfuscated Javascript code to compromise hundreds of downstream desktop apps and websites. As researchers at supply chain security firm ReversingLabs discovered, the threat actors behind this campaign (known as IconBurst) used typosquatting to infect developers looking for very...

Claire’s data breach $350K class action settlement

Top Class Actions reports that there is a settlement in litigation stemming from a data breach involving customer information in a 2020 breach that affected some customers of Claire’s accessories stores. For approximately two months in 2020, malware compromised payments made on the retailer’s website. The case is Julia Rossi, et al v. Claire’s...

$63 Million OPM Data Breach Settlement Proposed

From the official settlement website at https://www.opmdatabreach.com/: OPM Data Breach Settlement In re: U.S. Office of Personnel Management Data Security Breach Litigation, No. 15-1394 (ABJ) (D.D.C.). If You Were Subject to the Data Breaches of the U.S. Office of Personnel Management and Its Contractor (Peraton Risk Decision Inc.), and You Experienced an Out-of-Pocket Loss...