SecurityWeek
Omni Hotels Says Personal Information Stolen in Ransomware Attack
Omni Hotels says customer information was compromised in a cyberattack claimed by the Daixin Team ransomware group.
SecurityWeek
Omni Hotels says customer information was compromised in a cyberattack claimed by the Daixin Team ransomware group.
DataBreaches
Developing: Someone claiming to be an “affiliate plus” for AlphV claims they were responsible for the Change Healthcare attack but that AlphV...
DataBreaches
Three recent data breach disclosures involving patient data all exceeded HIPAA’s 60-day deadline to notify HHS and individuals. Yakima Valley Radiology A...
The Cyber Express
In a recent cyber incident, a hacker associated with high-profile breaches including those of the FBI and Airbus, has purportedly
DataBreaches
Joe Warminsky reports: Global pharmaceutical corporation Cencora reported on Tuesday that it recently discovered that intruders had stolen data from its...
DataBreaches
Zack Whittaker reports that the ongoing cyberattack at Change Healthcare has been confirmed as a ransomware attack, with executives of the firm linking it to...
DataBreaches
On February 16, BlackCat added loanDepot to their dark web leak site, but without any data as proof. At the time, they claimed that LoanDepot had shown up in...
DataBreaches
The Zalkin Law Firm (“Zalkin”), a San Diego firm advocating for sexual abuse survivors nationwide, was sued in September after BlackCat gained...
DataBreaches
From today’s update to the LockBit3.0 blog, now under the control of law enforcement, we read claims that law enforcement knows who and where LockBitSupp...
DataBreaches
Early yesterday, Change Healthcare reported that they were experiencing enterprise-wide connectivity issues. They didn’t call it a cyberattack at that...
DataBreaches
HHS OCR has announced a second enforcement settlement in a ransomware case. The 2019 breach involving Green Ridge Behavioral Health managed to fly mostly under...
DataBreaches
Grace Lutheran Foundation, which does business as Grace Lutheran Communities in Wisconsin, offers a variety of services including rehabilitation services,...
DataBreaches
On April 30, DataBreaches reported an alleged data breach involving TorchByte (formerly known as Tic Hosting Solutions). At the time, DataBreaches had been...
DataBreaches
In August 2023, Prince George’s County Public Schools disclosed a cyberattack. At the time, they reported that “an estimated 4,500 user accounts out of...
DataBreaches
In December, INTEGRIS Health disclosed a cyberattack in November in which threat actors contacted patients directly to extort them when INTEGRIS wouldn’t...
DataBreaches
In April 2023, DataBreaches reported on an alleged incident involving TIC Hosting in Romania. No one from TIC Hosting ever responded to inquiries from this...
DataBreaches
On January 24, DataBreaches was contacted by a spokesperson for AlphV (“BlackCat”) to see if this site would be interested in reporting on a breach...
DataBreaches
KPQ reports: The Washington Appeals Court will hear a case from two people suing Chelan Douglas Health District over a security breach. The Health District...
DataBreaches
Riley Griffin reports: Hackers stole millions of dollars in grant money from the Department of Health and Human Services last year in a series of attacks,...
DataBreaches
Just days after prosecutors in the Eastern District of Virginia recommended that Conor Fitzpatrick, aka “Pompompurin,” be sentenced to at least 15...
DataBreaches
In the process of researching breach reports submitted to HHS, DataBreaches came across a public notice for an incident affecting Primary Health & Wellness...
DataBreaches
On January 11, DataBreaches noted a concerning blob exposure discovered by Jerome Fowler and first reported by vpnMentor. As WIRED’s Matt Burgess...
DataBreaches
YLE reports: The Lutheran World Federation (LWF) has fallen victim to cyber extortion, Finnish news agency STT reports on Sunday. The Finnish Evangelical...
DataBreaches
On December 28, DataBreaches published snippets from a chat with a threat actor (TA) who claimed to have involvement with both the Fred Hutch cyberattack and...
DataBreaches
On September 8, Brady Martz & Associates in North Dakota disclosed a data breach in November 2022 that reportedly affected more than 53,000 individuals...
DataBreaches
Matt Burgess reports: Thousands of emergency planning documents from US schools—including their safety procedures for active shooter emergencies—were...
DataBreaches
Bill Toulas of Bleeping Computer reported on a recent Arctic Wolf Labs investigation that caught my eye. Arctic Wolf investigated two cases where victims of...
DataBreaches
Earlier today, French natural Sébastien Raoult learned his sentence in federal court in Seattle. Raoult, aka “Sezyo,” had been detained in...
DataBreaches
On August 1, DataBreaches noticed that Parathon by JDA e-Health had been listed on the Akira ransomware leak site. Neither Akira nor Parathon responded to...
DataBreaches
On January 1, 2009, DataBreaches posted its first “Happy New Year” post. If you had asked me to predict if I’d still be posting breaches on...
DataBreaches
DataBreaches previously reported a breach involving Integris Health in Oklahoma. The incident did not involve encryption, but the threat actors were reportedly...
DataBreaches
On December 24, Integris Health of Oklahoma started contacting patients about a cyberattack on November 28. The unnamed threat actors did not encrypt any of...
DataBreaches
On December 22, ProSmile Holdings, LLC in New Jersey issued a press release about a data breach. If ProSmile — a dental service organization — is a...
DataBreaches
On December 22, Clay County published a notice on its website about a ransomware attack in October. According to its notice, on October 27, 2023, the county...
DataBreaches
Myind reports: India’s state-owned telecom operator, Bharat Sanchar Nigam Ltd (BSNL), experienced a substantial data breach, placing the personal...
DataBreaches
Tyler Wainfeld reports: College of the Canyons is communicating with more than 2,400 affected personnel after an unauthorized data breach through its insurance...
DataBreaches
Andy Alcock reports from Missouri: A blackmail message from an apparent hacker appears to be the reason Liberty Hospital computer systems crashed Tuesday. KMBC...
DataBreaches
AlphV wasn’t the only group experiencing some disruption this week In August, “The Five Families” announced the collaboration of ThreatSec,...
DataBreaches
In mid-November, DataBreaches reported that AlphV threat actors had added MeridianLink to their leak site. When their victim wouldn’t pay them, AlphV...
DataBreaches
Attacks on the medical sector continue. Fred Hutchinson Cancer Center This week, the group known as Hunters International claimed responsibility for an...
DataBreaches
On December 8, DataBreaches reported that Fred Hutchinson Cancer Center had been the victim of a ransomware attack and that the then-unnamed threat actors were...
DataBreaches
Bill Toulas reports: Delta Dental of California is warning almost seven million patients that they suffered a data breach after personal data was exposed in a...
Bleeping Computer
Kentucky health system Norton Healthcare has confirmed that a ransomware attack in May exposed personal information belonging to patients, employees, and dependents.
DataBreaches
CBIZ KA, a third-party vendor for Prime Healthcare (Prime), discovered a security incident involving CBIZ’s use of MOVEit Transfer software, which has...
DataBreaches
If you can’t get an interpretation of a state breach notification statute from the state’s attorney general, where can you get it? DataBreaches...
DataBreaches
Following up on a somewhat atypical strategy to monetize an alleged attack on Tipalti, AlphV updated their leak site post today. It now reads: We are...
DataBreaches
The Jerusalem Post reports: Over 500 gigabytes of data, including hundreds of thousands of IDF medical records were allegedly stolen by Iran-linked hackers...
DataBreaches
So AlphV (aka BlackCat) is trying something different again, it seems. This time, it seems they are claiming a victim before they have even attempted to...
DataBreaches
Yet another notification letter provides an example of why we need legislation requiring more transparency in disclosures. A DataBreaches.net OpEd. ...
DataBreaches
If you’re in Rock County, Wisconsin, it seems your Information Technology Director and Corporation Counsel do not want you to know certain things about...
DataBreaches
As DataBreaches noted yesterday on infosec.exchange, the Medusa ransomware gang claims to have hit Great Valley School District in Pennsylvania. They provide a...
DataBreaches
Pacific Cataract and Laser Institute (PCLI) is dealing with a cyberattack that LockBit claimed responsibility for. An undated notice on its website...
DataBreaches
On November 17, Proliance Surgeons notified HHS that 437,392 patients were affected by a breach. An undated notice on their website explains that it was a...
DataBreaches
DataBreaches first reported on Jesse William McGraw of Arlington, Texas, a/k/a “GhostExodus,” was when he was arrested by the FBI in June 2009 and then...
DataBreaches
The Municipal Water Authority of Aliquippa in Pennsylvania recently reported a cyberattack that appeared to be by an Iranian-backed group, “Cyber...
DataBreaches
On November 24, the NoEscape ransomware group added Granger Medical Clinic in Utah to their leak site. As proof, NoEscape provided a filetree and screenshots...
DataBreaches
Crystal Lake Health Centers (CLHC) provides comprehensive medical care in 11 healthcare clinics in Michigan. On some date as yet unknown to DataBreaches, they...
DataBreaches
Deanco Healthcare LLC, which does business as Mission Community Hospital (MCH) in California, has issued a breach notification about a ransomware attack it...
DataBreaches
Meow Leaks has added Vanderbilt University Medical Center (VUMC) in Tennessee to their leak site, and has dumped what they claim is 100% of the data...
DataBreaches
Bill Toulas reports: Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after...
DataBreaches
DataBreaches would have passed over a listing on LockBit3.0’s site if Brett Callow hadn’t kindly called our attention to it. The listing by the...
DataBreaches
Stacey Scott reports: The federal government has issued a warning to current and former public service employees, as well as members of the RCMP and Canadian...
DataBreaches
On November 12, DataBreaches published an OpEd, If entities continue to obfuscate and lie, it’s time to mandate more transparency in breach disclosures...
DataBreaches
Over on SuspectFile, Marco A. De Felice reports that the NoEscape ransomware gang is threatening to release 1.5 TB of data from PruittHealth Network. De Felice...
DataBreaches
On September 24, Karakurt threat actors added Yakima Valley Radiology PC to their leak site. Their listing claimed that they acquired 9.31 GB of files...
DataBreaches
In addition to Florida, represented by Consumer Protection Division Multistate and Privacy Bureau Chief Patrice Malloy and Senior Assistant Attorney General...
DataBreaches
It’s not often DataBreaches reads a breach disclosure that reports the theft of already-encrypted data, but a notification by Systems East, Inc. (SEI) in...
DataBreaches
Brian Krebs reports: Prosecutors in Finland this week commenced their criminal trial against Julius Kivimäki, a 26-year-old Finnish man charged with...
DataBreaches
When DataBreaches compiles statistics on health data breaches for Protenus’s annual Breach Barometer, Nebraska generally has fewer than 10 breaches per...
DataBreaches
Decatur Independent School District in Texas was added to Inc Ransomware’s leak site on Wednesday. There is no summary or description of what the...
DataBreaches
Earlier today, AlphV added MeridianLink to their leak site. MeridianLink (MLNK) is the provider of a loan origination system and digital lending platform for...
DataBreaches
The NoEscape ransomware gang claims to have attacked two more medical entities. The first one is Southeastern Orthopaedic Specialists, P.A. in North...
DataBreaches
Hunters International has added a property management firm in Kentucky to their leak site. They provide a description of what they claim to have acquired from...
DataBreaches
As first reported on DataBreaches on Friday, SingularityMD indicated that they would be leaking or selling Jeffco Public Schools data. They followed through...
DataBreaches
— An OpEd by DataBreaches– When it comes to data breach disclosures, the very same entities who claim to take our privacy and security very, very...
DataBreaches
Sometimes you think you did a good job — and sometimes you actually did do a good job compared to everyone else — but someone comes along and...
DataBreaches
As the Toronto Star and CBC first reported last month, Michael Garron Hospital in Toronto has been investigating a cyberattack it discovered on October 23. In...
DataBreaches
It looks like “SingularityMD,” the hacker(s) of Clark County School District in Nevada and Jeffco Public Schools in Colorado, are looking to start...
DataBreaches
News12 on Long Island reports that the Perry Johnson & Associates (PJ&A) breach reported previously on this site has also affected Northwell Health, a...
DataBreaches
On November 8, Pacific Union College in California notified the Maine Attorney General’s Office of a breach in March 2023 that impacted 56,041 people...
DataBreaches
Laura Dyrda Crystal Run Healthcare in Middletown, N.Y., told patients to expect longer wait times than usual amid a system interruption affecting some...
DataBreaches
CBC reports: All five southwestern Ontario hospitals impacted by a cyberattack just over two weeks ago will rebuild their networks from scratch, the hospitals...
DataBreaches
On November 2, DataBreaches reported that the same threat actors that had hacked and exfiltrated data from Clark County School District in Las Vegas had also...
DataBreaches
Kathleen Saylors and Jennifer La Grassa report: A database containing information on 5.6 million patient visits to Bluewater Health and the social insurance...
DataBreaches
On Friday, Mulkay Cardiology Consultants at Holy Name Medical Center (“Mulkay”) notified the Maine Attorney General’s Office of an incident...
DataBreaches
Cardiovascular Consultants LTD (CVC Heart) in Arizona may or may not have been the victim of a ransomware attack, but they have not responded to inquiries...
DataBreaches
Deer Oaks Behavioral Health in Texas is a behavioral health services provider of psychological and psychiatric services to residents of long-term care and...
DataBreaches
As predicted, Daixin has leaked the third part of the data they exfiltrated from TransForm and Canadian healthcare entities. DataBreaches reported the first...
DataBreaches
Summit Health is a for-profit, multi-specialty medical practice headquartered in Berkeley Heights, New Jersey. It describes itself as a...
DataBreaches
As some will likely have already noticed, Daixin Team released the second part of the data leak from five hospitals in Ontario that have IT services provided...
DataBreaches
In August 2020, DataBreaches reported that the Maze ransomware gang had added Ventura Orthopedics to their name-and-shame leak site. At the time, Ventura did...
DataBreaches
How many school districts have to get massively hacked by the same method before the U.S. Department of Education, CISA, and states start really pressuring...
DataBreaches
Daixin Team is now claiming responsibility for — and leaking data from — an attack that has significantly impacted five Canadian hospitals...
DataBreaches
Advarra describes itself as providing integrated solutions to safeguard trial participants, empowering clinical sites, ensuring compliance, and optimizing...
DataBreaches
When reviews of data breaches in the education sector are written for 2023, they will almost certainly mention the 2022 attack on the Los Angeles Unified...
DataBreaches
Ankur Sharma reports: In what is suspected to be the biggest data leak case in the country so far, details of 81.5 crore Indians with the Indian Council of...
DataBreaches
On October 13, BlackCat (AlphV) threat actors first threatened to leak data from Morrison Community Hospital (MCH) in Illinois. Shortly thereafter, the listing...
DataBreaches
Stanford University issued a statement yesterday: The security and integrity of our information systems are top priorities, and we work continually to...
DataBreaches
Clark County School District (CCSD) in Nevada informed parents and employees that they became aware of a “cybersecurity incident” on October 5...
DataBreaches
Tiffany Lane reports: Problems continue for Clark County School District families and staff about a week and a half after being notified of a cyber...
Loading more articles....