Security News
Accounts of more than three million users of the U.S.-based FlexBooker appointment scheduling service have been stolen in an attack before the holidays and are now being traded on hacker forums. All three breaches allegedly occurred a few days before Christmas and the intruder published the data on a hacker forum.
Ravkoo, a US Internet-based pharmacy service, has disclosed a data breach after the company's AWS hosted cloud prescription portal was involved in a security incident that may have led to personal and health information being accessed. "Ravkoo utilizes AWS cloud services for online hosting of its prescription portal. On September 27, 2021, Ravkoo detected that this portal was the target of a cybersecurity attack," the pharmacy said in data breach notification letters sent to 105,000 affected customers on January 3.
This week's announcement by Florida's Broward Health System that the most intimate medical data of 1,357,879 of its patients was breached in the fall should serve as a warning that the healthcare software supply chain will be a juicy target for cybercriminals as we head into 2022, researchers warn. As startling as the number of impacted Broward patients may seem, Ron Bradley, vice president of Shared Assessments calls this breach, "Just a drop in the proverbial bucket related to healthcare losses in 2021.".
UScellular, self-described as the fourth-largest wireless carrier in the US, has disclosed a data breach after the company's billing system was hacked in December 2021. "On December 13, 2021, UScellular detected a data security incident in 'which unauthorized individuals illegally accessed our billing system and gained access to wireless customer accounts that contain personal information," the carrier explained.
A ransomware attack on the McMenamins dining and hospitality empire in the Pacific Northwest came along with a data breach covering 12 years of employee data, the organization has confirmed. The Dec. 12 incident - which some have attributed to the Conti gang - forced McMenamins to shut down various operations, though locations can still receive customers.
The cracked passwords for almost 7.5 million DatPiff members are being sold online, and users can check if they are part of the data breach through the Have I Been Pwned notification service. It is unclear when the data breach occurred, but the DatPiff database was first sold privately and then publicly on hacking forums in July 2020.
The Broward Health public health system has disclosed a large-scale data breach incident impacting 1,357,879 individuals. Broward Health is a Florida-based healthcare system with over thirty locations offering a wide range of medical services and receives over 60,000 admissions per year.
T-Mobile confirmed that recent reports of a new data breach are linked to notifications sent to a "Very small number of customers" who fell victim to SIM swap attacks. SIM swapping makes it possible for attackers to take control of a target's mobile phone number by tricking or bribing the carrier's employees to reassign the numbers to attacker-controlled SIM cards.
Popular wrestling t-shirt site Pro Wrestling Tees has disclosed a data breach incident that has resulted in the compromise of the financial details of tens of thousands of its customers. Pro Wrestling Tees is a website allowing professional wrestlers to set up their own mini-stores to sell merchandise like shirts, posters, action figures, and more to their fans.
"Investigations so far confirm that a limited amount of the company's R&D property has been stolen during the intrusion. Volvo Cars has earlier today concluded, based on information available, that there may be an impact on the company's operation.". Volvo said it notified relevant authorities after discovering the incident and is now investigating the data theft together with third-party experts.