CyberNews
Grindr named in UK lawsuit over sharing HIV data
Grindr may have unlawfully shared information about its users, including their HIV status, with third-party advertisers, the lawsuit has claimed.
CyberNews
Grindr may have unlawfully shared information about its users, including their HIV status, with third-party advertisers, the lawsuit has claimed.
DataBreaches
From the U.K.’s Information Commissioner’s Office (ICO): NHS Highland reprimanded for a “serious” data breach amongst those accessing HIV...
Infosecurity News
ICO issues call after reprimanding NHS Highland
Infosecurity News
Central YMCA was fined £7,500 for a data breach exposing HIV information of support program participants, prompting the ICO to call for stronger privacy protections for people with HIV
DataBreaches
Graham Martin reports: A prominent Scottish charity has been fined £10,000 for a data protection breach. The action was taken after HIV Scotland sent out an...
The Record
A complaint filed with the Federal Trade Commission (FTC) Wednesday urges the agency to investigate the LGBTQ+ dating app Grindr for potentially illegally storing and disclosing users’ sensitive data, including HIV and vaccination status.
The Record
Kelly Peterson Miranda, who took over as Grindr’s chief privacy officer about a year ago, talks with Recorded Future News about the LTBTQ+ dating app's data privacy practices.
DataBreaches
Brian Higgins reports: A man who says he was the first person on Prince Edward Island to be hospitalized for COVID-19 is suing Health P.E.I. for breach of...
SecurityWeek
Russian national sanctioned by the Australian government for his role in the Medibank attack impacting more than 10 million Australians.
DataBreaches
While those of us who report on ransomware groups may not be sure whether to refer to the group responsible for a ransomware attack on Medibank as...
DataBreaches
Graham Cluley sets the stage nicely: Ouch. One week after the French branch of cyberinsurance giant AXA said that it would no longer be writing policies to...
Infosecurity News
Regulator highlights major data handling errors
DataBreaches
Last week, this site reported that a U.K. fertility clinic had been impacted by an attack on Stor-a-File, their document scanning vendor. This week, there...
Infosecurity News
ICO says handling of domestic abuse victims’ data must improve
The Record
A proposed class action lawsuit alleges that a Seattle-area hospital allowed Facebook’s online tracking tools to access the data of hundreds of thousands of people.
CSO
The UK Information Commissioner’s Office has reprimanded seven organizations in the past 14 months for data breaches affecting victims of domestic abuse.
The Record
Hackers connected to the governments of Russia and China are allegedly using a vulnerability in a popular Windows tool to attack targets around the world, including in Ukraine and Papua New Guinea.
Bleeping Computer
Today, the US Department of Justice (DOJ) indicted four members of the Chinese state-sponsored hacking group known as APT40 for hacking various companies, universities, and government entities in the US and worldwide between 2011 and 2018.
Bleeping Computer
The French data protection authority (CNIL) fined medical software vendor Dedalus Biology with EUR 1.5 million for violating three articles of the GDPR (General Data Protection Regulation).
SecurityWeek
Hackers began leaking sensitive medical records stolen from Australian health insurer Medibank that had earlier refused to pay the group's ransom demand.
Cyber Security News
It has been reported that a group or individual, whose identity is currently unknown, has released a new "backdoor." This backdoor has been designed to function in a similar manner to a piece of malware known as "Hive," which was developed by the United States Central Intelligence Agency (CIA).
Bleeping Computer
Ever since Russian president Vladimir Putin ordered partial mobilization after facing setbacks on the Ukrainian front, men in Russia and the state's conscript officers are playing a 'cat and mouse' game involving technology and cybercrime services.
Bleeping Computer
Some of the largest drug companies in the world have disclosed data breaches due to a February 2024 cyberattack at Cencora, whom they partner with for pharmaceutical and business services.
ZDNet
Health officials said they have to figure out COVID-19 statistics by hand because of the attack.
The Record
The Information Commissioner's Office (ICO) explained its monetary penalty against the Ministry of Defence for exposing email addresses of certain Afghans interested in being relocated to the U.K.
Infosecurity News
NHS Dumfries and Galloway confirmed that patient clinical data was leaked following the attack on its systems earlier in March 2024
DataBreaches
Long-time readers know that this blogger has encountered some interesting situations over the years in response to trying to engage in responsible disclosure...
Krebs on Security
Authorities in Australia, the United Kingdom and the United States this week levied financial sanctions against a Russian man accused of stealing data on nearly 10 million customers of the Australian health insurance giant Medibank. 33-year-old Aleksandr Ermakov allegedly stole…
Cyber Security News
After hitting Australian telecommunications company Optus, in which the information of over 9 million users has been exposed, cybercriminals have victimized another company — Medibank, one of the largest Australian insurance companies. Following the data breach on Medibank, threat actors have released the personal health information of millions of users they obtained in the attack. […]
DataBreaches
Note: updates to the breaches included in this report appear below the original post. Some threat actors have gained a lot of notoriety while others are lesser...