Posts filtered by tags: Breaches[x]


 

Real estate title insurance company exposed 885,000,000 customers' records, going back 16 years: bank statements, drivers' licenses, SSNs, and tax records

First American Financial Corp is a Fortune 500 company that insures titles on peoples' property; their insecure website exposed 885,000,000 records for property titles, going back 16 years, including bank accounts (with scanned statements), Social Security numbers, wire transaction receipts, scanned drivers' licenses, tax records, mortgage records, etc -- when notified of the error, the company (which employs 18,000 people and grossed more than $5.7B last year) closed the misconfiguration. ...
Tags: Security, Post, Business, Real Estate, News, Finance, Infosec, First American Financial Corp, Breaches


Phishing Scam resulted in The Release of Personal Health Information

Who: Palmetto Health # of Accounts Breached: 23,811 PatientsWhat was affected: Personal Health Information When it happened: November 2018 How it happened: Palmetto Health is notifying individuals of an email phishing incident that resulted in unauthorized access to individual email boxes. The incident was limited to certa...
Tags: Sem, Phishing, April, HIPAA, Breaches, PHI, 2019, Unauthorized Access, Sensitive Data, Employee Email, Release of Personal Health Information


Notorious forum for account-thieves hacked, login and messages stolen and dumped

OG Users is a forum for people who steal login credentials for online services, mostly to sell desirable login-names for popular services like Instagram; it attained notoriety when Motherboard's Lorenzo Franceschi-Bicchierai linked the forum to an epidemic of SIM-swapping attacks; a few months later, the Reply All podcast devoted an episode to the forum. Now, someone has hacked OG Users, and dumped "email addresses, hashed passwords, IP addresses and private messages for nearly 113,000 foru...
Tags: Post, News, Petard, Dumps, Breaches, Schadenfreude, No Honor Among Thieves, Og Users


HawksShop.com Compromised by Card Skimming Malware

Who: Atlanta Hawks’ online shop # of Accounts Breached: undetermined What was affected: Customers names, addresses and payment card numbers. When it happened: Started on June 6, 2017 How it happened: Cybercriminals using Magecart card-skimming code attacked the online store of the NBA’s Atlanta Hawks, stealing customers na...
Tags: Sem, Malware, Nba, Atlanta Hawks, April, Breaches, 2019, Credit card skimming, Atlanta team, Online sports shop, Sanguine Security


Hacker Revealed Hacking Tools and Operations Carried Out By Iran’s Elite Cyber-Espionage Units

Who: Iran’s elite cyber-espionage units, known as APT34, Oilrig, or HelixKitten. # of Accounts Breached: 66 victims What was affected: Usernames and password combos to internal network servers info and user IPs. When it happened: April 17, 2019 How it happened: In an incident reminiscent of the Shadow Brokers leak that exp...
Tags: Nsa, Iran, Sem, Cyber Espionage, Telegram, Phishing, April, Breaches, 2019, Dookhtegan, Espionage Operations, Hacker Tools


KPMG Mexico responsible unsecured database that resulted in Data Leak

Who: KPMG Mexico # of Accounts Breached: Employees at 41 of KPMG Mexico’s clients. What was affected: Confidential payroll data of employees. When it happened: February 2019 How it happened: According to a seven-page confidential report, dated Feb. 22, KPMG Mexico said a “small group of staff” created an “unauthorized envi...
Tags: Sem, Compliance, April, Breaches, PII, 2019, Data Leak, Unsecured Database, Federal Data Protection Violations, Payroll Data


Personal Client Information Stolen from WRHA

Who: Winnipeg Regional Health Authority # of Accounts Breached: 75 What was affected: Names and ward locations of clients When it happened: March 7, 2019 How it happened: The Winnipeg Regional Health Authority says a bag was stolen last month containing the personal information of several clients. The bag was taken from an...
Tags: Sem, Notebook, May, Breaches, PHI, PII, 2019, WRHA, Stolen Bag, Unattended Vehicle


Dr. Office Patient Information Held For Ransom after Cyber Breach Incident

Who: Ronald Snyder, M.D. # of Accounts Breached: 24,000 What was affected: Medical billing information, which may include: name, address, date of birth, gender, co-pay amount, patient status, employment status, telephone number, email address, and certain patients’ insurance identification number, which may be a Social Sec...
Tags: Sem, Ransomware, Social Security, Cyber Attack, April, Snyder, HIPAA, Breaches, PHI, 2019, Unauthorized Access, Unknown Actor, Dr Office Patient Information Held For Ransom, Ronald Snyder, Dr Snyder


Compromised Email Account Revealed PII of DHS Personnel and Clients

Who: Department of Human Services – Minnesota # of Accounts Breached: 11,000 What was affected: The compromised e-mail account contained a wide range of personal information about DHS clients, employees and applicants, including first and last names, dates of birth, other demographic data, treatment data and information ab...
Tags: Sem, Dhs, Social Security, April, Breaches, 2019, Minnesota IT Services, Compromised Email, Data at Risk, Employees and Clients, Exposes PII, Hacker Breach, Department of Human Services Minnesota


Microfiche Data Lost During Move

Who: BC Pension Corporation # of Accounts Breached: 8,000 What happened: A box of microfiche the size of a Kleenex box disappeared during a recent office move in Victoria When it happened: January 28, 2019 How it happened: The BC Pension Corporation revealed in a letter Davies received this week, that all of his personal i...
Tags: Data, Sem, Lost, Victoria, Pension, Move, April, Davies, Breaches, PII, 2019, Victoria When, Microfiche, BC Pension Corporation


County Government Crippled by Ransomware Attack

Who: Garfield County # of Accounts Breached: Undetermined What happened: A ransomware attack hit Garfield County’s computer systems, crippling them for weeks When it happened: 11 April 2019 How it happened: A ransomware attack hit Garfield County’s computer systems, crippling them for weeks before they were able to pay to ...
Tags: Sem, Fbi, Bitcoin, April, HUNTINGTON, Breaches, Garfield County, 2019, Ransomware Attack, County Government, Bitcoin demand, Shut off access, Office the Recorder 's Office


Phishing Attack Against Baystate Health

Who: Baystate Health of Springfield # of Accounts Breached: About 12,000 patients What happened: A phishing incident resulted in unauthorized access to the email accounts of several employees When it happened: Between Feb. 7 and March 7. How it happened: A phishing incident resulted in unauthorized access to the email acco...
Tags: Email, Sem, Data Breach, Social Security, Phishing, April, Springfield, HIPAA, Baystate Health, Baystate, Breaches, PHI, PII, 2019, Unauthorized Access, Phishing Attack Against Baystate Health


Cyber Hackers Attempted to Break Into Lawmakers Computer Network

Who: Parliament House (Australia) # of Accounts Breached: Undetermined What happened: Hackers attempted to break into its computer network, which includes lawmakers’ email archives When it happened: February 2019 How it happened: Australian Signals Directorate chief Mike Burgess has confirmed data was stolen by a state-spo...
Tags: Sem, Cyber Attack, April, DPS, Parliament House, Breaches, Australian Signals Directorate, 2019, Mike Burgess, Malicious Attack, State-sponsored Actor


​Email Message Accidentally Exposes of Patient Information​

Who: University Hospitals Rainbow Babies & Children’s Hospital # of Accounts Breached: About 840 patients What was affected: An employee emailed a message to a group of patients, inadvertently allowing the recipients to see each other’s email addresses When it happened: February 28, 2019 How it happened: UH said the employ...
Tags: Sem, E-mail, April, Breaches, PHI, PII, 2019, Accidental Exposure, HIPAA Violation, George Stamatis


Connected CounterTop Garden E-Commerce Site Hacked

Who: AeroGrow # of Accounts Breached: Undetermined What was affected: Credit card number, expiration date, and card verification value — also known as a security code When it happened: Between October 29, 2018,​ and March 4, 2019 How it happened: On March 4, 2019, AeroGrow learned that an unauthorized person may have acq...
Tags: E-commerce, Website, Sem, Malware, PCI, April, Breaches, PII, 2019, Malicious Code, Unathorized Person


Website of Bangladesh Oil Hacked, Twice

Who: Bangladesh Oil, Gas and Mineral Corporation (Petrobangla) # of Accounts Breached: What was affected: Petrobangla’s website When it happened: April 7, 2019 How it happened: In the latest hacking incident, hackers using the name “N33LOB33” wrote on the website: “It is not possible to work with such security. It has been...
Tags: Sem, Hack, Bangladesh, April, Breaches, 2019, Petrobangla, N33LOB33, Security Warning, Website Hack, Bangladesh Cyber Army, Tariqul Islam Khan


Community Housing Agency Breached Files Revealed as Part of Manslaughter Trial

Who: Unity Housing # of Accounts Breached: 6,385 files What was affected: 6,385 files — including housing agency documents, Bedard’s own cover letter and resumé, and a copy of the movie Gone Girl. When it happened: 2016 How it happened: Thousands of potentially personal and sensitive files belonging to an Ottawa community ...
Tags: Sem, USB Drive, March, Ottawa, Hidden Files, Ontario, Abdi, Breaches, Hilda, Bedard, PII, 2019, Daniel Montsion, Abdirahman Abdi, Housing Documents, Manslaughter Trial


Democrat Senator Office Computers Breached by Keylogging Device

Who: New Hampshire Democratic Sen. Maggie Hassan # of Accounts Breached: Undetermined – Six Staff Computers What was affected: – dozens of usernames and passwords belonging to Senate employees– tens of thousands of emails and internal documents– credit card information belonging to Senate employees– social security numbers...
Tags: Senate, Sem, Doxxing, Keylogger, April, Hassan, Employee, Breaches, 2019, Senator, Cosko, Jackson Cosko, New Hampshire Democratic Sen Maggie Hassan, Data Stolen


City of Tallahassee Payroll Affected By Hack On Out-of-State, Third-Party Vendor Payroll Service

Who: City of Tallahassee # of Accounts Breached: undetermined What was affected: $498,000 payroll money When it happened: April 3, 2019 How it happened: Almost half a million dollars was diverted out of the city of Tallahassee’s employee payroll Wednesday after a suspected foreign cyber-attack of its human resources manage...
Tags: Sem, Hack, April, Tallahassee, Breaches, 2019, Payroll Service, Payroll Funds Diverted, Third-party Vendor, State Third Party Vendor Payroll Service


Confidential Information Accidently Released by Maine Hospital

Who: Acadia Hospital # of Records/People Affected: 300 Patients When: 18 April 2019 What happened: A communications official at Northern Light Acadia Hospital in Bangor mistakenly emailed the confidential names of 300 patients. How Did it happen: The release was an accident that resulted from human error, not a systemic pr...
Tags: Sem, Hospital, Maine, April, Bangor, Acadia, Breaches, PHI, 2019, Confidential Information, Unitentional release of information, Maine Hospital, Acadia Hospital of Records People Affected, Northern Light Acadia Hospital


Taxpayer Information Stolen From Employee

Who: The United Way of the Big Bend # of Records/People Affected: 64 Taxpayers When: 19 April 2019 What happened: A data security breach that occurred when taxpayer information was stolen from an employee in March. How Did it happen: The organization says that 64 taxpayers’ information may be exposed after their informatio...
Tags: Theft, Sem, Data Breach, April, United Way, Employee, Tallahassee Police Department, Breaches, The IRS, 2019, Taxpayer Information, Volunteer Income Tax Assistance Program VITA


Unusual Activity on Employee Email Account Unveils Unauthorized Access of PHI

Who: Partners for Quality, Inc. # of Records/People Affected: When: 19 April 2019 What happened: PFQ became aware of unusual activity relating to certain employee email accounts. How Did it happen: On April 15, 2019, PFQ confirmed that the email accounts subject to unauthorized access contained protected health information...
Tags: Sem, April, Breaches, PHI, 2019, Unauthorized Access, Employee Email, Unusual Activity


CPA Has Information Released Through Third Party File Sharing

Who: LD Evans, CPA # of Records/People Affected: When: 16 April 2019 What happened: Information released by unauthorized access by third-party file sharing service How Did it happen: LD Evans learned from Citrix that individuals’ personal information may have been obtained by an unknown, unauthorized third party as the res...
Tags: Sem, Cpa, Citrix, April, Breaches, PII, 2019, Third-party, ShareFile, Unauthorized Access


Ohio Medicaid Recipients Information Leaked Due Computer Error

Who: Ohio Department of Job and Family Services (ODJFS) # of Records/People Affected: 1000When: 5 April 2019 What happened: Computer error led to inadvertent information leak. How Did it happen: Ohio Benefits reportedly supports certain ODJFS and Medicaid programs and is administered through a contract with Accenture under...
Tags: Sem, Medicaid, April, Breaches, 2019, Data Leak, Computer Error, ODJFS


City Computers Brought Down By Ransomware

Who: City of Greenville, North Carolina # of Records/People Affected: Undetermined When: 11 April 2019 What happened: Greenville, N.C., has effectively been knocked offline by a ransomware attack. How Did it happen: The city IT department had to shut down the majority of its servers to limit the extent of the attack. A cit...
Tags: Sem, Ransomware, April, Breaches, 2019, City Computers And Servers, Operations Continuing, Ransom Note


Exposed Unsecured Health Department Medical Database of Northern India Government

Who: Department of Medical, Health and Family Welfare of a state in northern India. # of Accounts Breached: More than 12.5 million What was affected: The database was eventually secured with the help of the Computer Emergency Response Team (CERT) of India, but the entire process took three weeks, during which time the serv...
Tags: India, Sem, April, Zdnet, Breaches, PHI, 2019, Bob Diachenko, Department of Medical Health, Unsecured Database, Medical Records Exposed


Ransomware Attack Shutsdown Michigan County Government

Who: Genesee County # of Accounts Breached: undetermined What has affected​: Genesee County, Michigan was hit with a ransomware attack When it happened: April 2, 2019 How it happened: They say a virus found its way into their system and held data Tuesday, demanding payment. Outcome: They realized the systems had been attac...
Tags: Sem, Ransomware, Michigan, April, Genesee County, Breaches, IT Department, 2019, County Government, Email Down, Extensive Attack, Restoring Systems, Genesee County Michigan


Unauthorized Access to Georgia Tech Database exposes 1.3 Million

Who: Georgia Tech # of Accounts Breached: 1.3 millionWhat was affected: Names, addresses, Social Security numbers, and birth dates. When it happened: Late March 2019 How it happened: Georgia Tech said its database was accessed by an “unknown outside entity” in late March​ and said it “immediately corrected the impacted ap...
Tags: Sem, Social Security, Georgia Tech, April, Breaches, 2019, Impacted Application, Outside Entity, PII Exposed, Georgia Tech Database


Northwestern Rehab Hospital Data Breached by Unauthorized Access

Who: Rehabilitation Hospital of Northwest Ohio # of Records/People Affected: Undisclosed number When: 10 April 2019 What happened: Patients had their personal data compromised after ​“unauthorized access” to employee email accounts occurred. How Did it happen: There was unauthorized access to employee email accounts at the...
Tags: Sem, April, Breaches, PHI, PII, 2019, Unauthorized Access, Ernest Health, Employee Accounts Accessed, Medical Rehab Center, Northwestern Rehab Hospital Data Breached, University of Toledo 's Health Science Campus


Facebook Fails to Protect Your Data Collected by Partner Apps, Yet Again

Who: Facebook # of Records/People Affected: Hundreds of Miliions When: 3 April, 2019 What happened: Unprotected Facebook user data sitting on Amazon’s servers How Did it happen: Two Facebook app developers uploaded the data sets to Amazon’s cloud system. This is just the latest evidence that when Facebook shares data with ...
Tags: Amazon, Facebook, Privacy, Sem, Threat, App Developers, April, Breaches, PII, 2019, Facebook Fails, Third-party, No Encryption, Proper Data Storage, Facebook of Records People Affected