Security News

Romanian hospital ransomware crisis attributed to third-party breach
2024-02-14 15:48

The Romanian national cybersecurity agency has pinned the outbreak of ransomware cases across the country's hospitals to an incident at a service provider. All hospitals caught up in the ransomware scourge are thought to have been breached via the HIS. Per legal reporting obligations in Romania, service providers must inform the DNSC and national CSIRT of incidents that significantly impact the continuity of essential services.

Integris Health says data breach impacts 2.4 million patients
2024-02-13 19:28

Integris Health has reported to U.S. authorities that the data breach it suffered last November exposed personal information belonging to almost 2.4 million people. Unless Integris Health met the attacker's demands, the stolen data would be sold to other cybercriminals on January 5, 2024.

Bank of America warns customers of data breach after vendor hack
2024-02-12 23:32

Bank of America is warning customers of a data breach exposing their personal information after one of its service providers was hacked last year.While Bank of America has yet to disclose how many customers were impacted by the data breach, Infosys McCamish Systems, the vendor that had its systems compromised, revealed in a recent filing with the Attorney General of Maine that 57,028 had their data exposed in the incident.

Mon Dieu! Nearly half the French population have data nabbed in massive breach
2024-02-12 07:27

Nearly half the citizens of France have had their data exposed in a massive security breach at two third-party healthcare payment servicers, the French data privacy watchdog disclosed last week.Payments outfits Viamedis and Almerys both experienced breaches of their systems in late January, the National Commission on Informatics and Liberty revealed, leading to the theft of data belonging to more than 33 million customers.

Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network
2024-02-07 06:29

Chinese state-backed hackers broke into a computer network that's used by the Dutch armed forces by targeting Fortinet FortiGate devices. "This [computer network] was used for unclassified...

Mozilla adds paid-for data-deletion tier to Monitor, its privacy-breach radar
2024-02-06 21:54

Mozilla on Tuesday expanded its free privacy-monitoring service with a paid-for tier called Mozilla Monitor Plus that will try to get data brokers to delete their copies of subscribers' personal information. Necessarily alert to revenue diversification opportunities in light of its dependence on Google paying to be the default search service on its beleaguered Firefox browser, Mozilla has taken Monitor beyond HIBP alerts, added data removal, and branded that expanded service Monitor Plus with a subscription fee of $8.99 per month.

Data breach at French healthcare services firm puts millions at risk
2024-02-06 18:36

French healthcare services firm Viamedis suffered a cyberattack that exposed the data of policyholders and healthcare professionals in the country. Though the company's website remains offline at the time of writing, an announcement was posted on LinkedIn warning of the data breach.

Verizon insider data breach hits over 63,000 employees
2024-02-06 16:02

Verizon Communications is warning that an insider data breach impacts almost half its workforce, exposing sensitive employee information.A data breach notification shared with the Office of the Maine Attorney General reveals that a Verizon employee gained unauthorized access to a file containing sensitive employee information on September 21, 2023.

HPE investigates new breach after data for sale on hacking forum
2024-02-05 18:33

Hewlett Packard Enterprise is investigating a potential new breach after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains HPE credentials and other sensitive information.IntelBroker, the threat actor selling the alleged HPE data, shared screenshots of some of the supposedly stolen HPE credentials but has yet to disclose the source of the information or the method used to obtain it.

Blackbaud settles with FTC after that IT breach exposed millions of people's info
2024-02-02 21:12

Blackbaud, which had data on millions of people stolen from it by one or more crooks, has promised to shore up its IT defenses in a proposed deal with the FTC. In announcing the draft settlement, the US watchdog's boss Lina Khan, Commissioner Rebecca Slaughter, and Commissioner Alvaro Bedoya blasted Blackbaud - a cloud software provider for schools, charities, and other orgs - for its "Unfair and deceptive data security practices" in a statement [PDF]. "The FTC charges that Blackbaud's reckless data retention practices rendered its security failures much more costly: by hoarding reams of data that it did not reasonably need, Blackbaud's breach exposed far more data," they said.