Security News

Fragomen, a law firm that provides Google with I-9 employment verification compliance services, says the personal information of some people was compromised in a recent data breach. In a notice of data breach filed with California's Office of the Attorney General, Fragomen is informing affected Google employees of a data breach that it discovered on September 24, and which has resulted in personal information being compromised.

A large psychotherapy clinic in Finland is under heavy stress after a threat actor asked a ransom for a client database with confidential information stolen in a data breach that likely happened almost two years ago. Psychotherapy Center Vastaamo announced the incident last Wednesday, saying that the extortionist first contacted three of its employees in September, asking for 40 bitcoins not to release stolen patient data.

Immigration law firm Fragomen, Del Rey, Bernsen & Loewy, LLP has disclosed a data breach that exposed current and former Google employees' personal information. Fragomen is one of the USA's largest law firms covering immigration law, with over 582 attorneys in 47 locations worldwide.

Cybercriminals have hacked the systems of psychotherapy giant Vastaamo - and are now reaching out to therapy patients, threatening to dump their patient files if they do not pay a ransom. Finland-based Vastaamo, which has more than 40,000 psychotherapy patients, said on its website that its customer register was likely compromised between the end of November 2018 and March 2019.

A massive data breach suffered by the Nitro PDF service impacts many well-known organizations, including Google, Apple, Microsoft, Chase, and Citibank. On October 21st, Nitro Software issued an advisory to the Australia Stock Exchange, stating that they were affected by a "Low impact security incident" but that no customer data was impacted.

News of an unusual data breach at a psychotherapy center in Finland broke over the weekend, after affected patients began receiving emails telling them to pay up or risk their personal and health data being publicly released. What is known about the data breach at the psychotherapy center?

Dr. Reddy's, the contractor for Russia's "Sputinik V" COVID-19 vaccine and a major generics producer, has had to close plants and isolate its data centers. COVID-19 vaccine manufacturer Dr. Reddy's Laboratories has shut down its plants in Brazil, India, Russia, the U.K. and the U.S. following a cyberattack, according to reports.

A data set of millions of payment card records apparently stolen from US-based restaurant franchise Dickey's Barbecue Pit has emerged on a Dark Web marketplace, Gemini Advisory reports. There are 469 locations across 42 states that are operating under the Dickey's Barbecue Pit franchise, each of them allowed to use the type of point-of-sale device they like, as well as their preferred processors.

Popular U.S. smoked-meat franchise Dickey's Barbecue Pit has been hit with a data breach, with cybercriminals posting the fat cap of the compromised data - 3 million payment cards - on the popular Joker's Stash underground marketplace this week. "We are utilizing the experience of third parties who have helped other restaurants address similar issues and also working with the FBI and payment card networks. We understand that payment card network rules generally provide that individuals who timely report unauthorized charges to the bank that issued their card are not responsible for those charges."

"We received a report indicating that a payment card security incident may have occurred. We are taking this incident very seriously and immediately initiated our response protocol and an investigation is underway. We are currently focused on determining the locations affected and time frames involved. We are utilizing the experience of third parties who have helped other restaurants address similar issues and also working with the FBI and payment card networks. We understand that payment card network rules generally provide that individuals who timely report unauthorized charges to the bank that issued their card are not responsible for those charges." Alas, cybercrime bazaars like Joker's Stash have continued plying their trade, undeterred by a push from the credit card associations to encourage more merchants to install credit card readers that require more secure chip-based payment cards.