Security News

BORN, which collates and uses information on "Pregnancy, birth, the newborn period and childhood to improve care," says it became aware of the incident on May 31 and notified relevant authorities, including the Ontario Provincial Police and the province's Information and Privacy Commissioner. The perinatal and child registry collects data from healthcare providers, labs, and hospitals that provide pregnancy and child services.

The BORN Ontario data breach that impacted 3.4 million people was caused by the exploitation of well-known zero-day vulnerability in Progress MOVEIt Transfer software. On Monday, September 25th, SickKids disclosed that it is "Among the many Ontario healthcare providers" that share sensitive health information with BORN Ontario, a perinatal and child registry that collects, interprets, shares and protects critical data about pregnancy, birth and childhood in the province of Ontario.

BORN is a perinatal and child registry that collects, interprets, shares and protects critical data about pregnancy, birth and childhood in the province of Ontario.BORN created a web page with details about the impact the incident has on its patients and who is likely affected by the data theft.

US educational nonprofit organization National Student Clearinghouse has revealed that the breach of its MOVEit server ended up affecting almost 900 colleges and universities, and resulted in the theft of personal information of their students. NSC has filed a breach notification letter with the California Attorney General's Office on behalf of the affected schools.

Infosec in brief T-Mobile has had another bad week on the infosec front - this time stemming from a system glitch that exposed customer account data, followed by allegations of another breach the carrier denied. According to customers who complained of the issue on Reddit and X, the T-Mobile app was displaying other customers' data instead of their own - including the strangers' purchase history, credit card information, and address.

U.S. educational nonprofit National Student Clearinghouse has disclosed a data breach affecting 890 schools using its services across the United States. According to the data breach notification letters, the data exposed in the attack varies for each affected individual.

Air Canada, the flag carrier and the largest airline of Canada, disclosed a cyber security incident this week in which hackers "Briefly" obtained limited access to its internal systems."An unauthorized group briefly obtained limited access to an internal Air Canada system related to limited personal information of some employees and certain records," reads a statement published Wednesday, September 20th, on Air Canada's press website.

Ethereum blockchain analytics firm Nansen asks a subset of its users to reset passwords following a recent data breach at its authentication provider. Nansen is a popular entity in the cryptocurrency space, offering users insights into Ethereum wallet activity, helping identify emerging projects, and generally helping people make informed investment decisions.

T-Mobile has denied suffering another data breach following Thursday night reports that a threat actor leaked a large database allegedly containing T-Mobile employees' data. The mobile carrier told BleepingComputer that the leaked data is believed to belong to an authorized retailer, which was breached earlier this year.

Pizza Hut Australia is sending data breach notifications to customers, warning that a cyberattack allowed hackers to access their personal information. The notification warns that the hacker gained unauthorized access to Pizza Hut Australia systems storing sensitive info for customers who made online orders, as well as partial financial data and encrypted account passwords.