Cyberattack on Alaska DHSS website includes HIPAA and APIPA breach

The Alaska Department of Health and Social Services (DHSS) is notifying the public today of a security breach of the Health Insurance Portability and Accountability Act (HIPAA) and the Alaska Personal Information Protection Act (APIPA). This breach was caused by a highly sophisticated cyberattack on DHSS that was first detected in May 2021. Notification...

Credential leak fears raised following security breach at Travis CI

John Leyden reports: Concern is growing within the infosec community that a breach at DevOps platform vendor Travis CI might run deeper than the firm has so far been prepared to admit. Travis CI, a continuous integration and continuous delivery (CI/CD) service for cloud platform projects, admitted to an issue in a post on its community forums while...

Anonymous leaks gigabytes of data from alt-right web host Epik

Ax Sharma reports: Hacktivist collective Anonymous claims to have obtained gigabytes of data from Epik, which provides domain name, hosting, and DNS services for a variety of clients. These include the Texas GOP, Gab, Parler, and 8chan, among other right-wing sites. The stolen data has been released as a torrent. The hacktivist collective says...

TX: Lubbock County confirms private information accessible under new computer system, says situation not a data breach

Samantha Jarpe reports: Lubbock County released a statement Tuesday about previously private court information being made available to the public via a new records system. An earlier release by the Lubbock County Defense Lawyers Association characterized the incident as a data breach. The association said it became aware of the situation September 10. According...

Free REvil ransomware master decrypter released for past victims

Lawrence Abrams reports: A free master decryptor for the REvil ransomware operation has been released, allowing all victims encrypted before the gang disappeared to recover their files for free. The REvil master decryptor was created by cybersecurity firm Bitdefender in collaboration with a trusted law enforcement partner. While Bitdefender could not share details about how...