โŒ

Normal view

There are new articles available, click to refresh the page.
Before yesterdaySecurity/Privacy

Data analysis of the Global Schools Group breach, Part 1

By: Dissent
18 June 2026 at 10:46
This is the first part of a two-part report of findings from the Global Schools Group data breach. All statistical analyses and findings were provided to DataBreaches by FulcrumSec, and are presented to assist those investigating the breach as well as parents and employees who might be concerned as to what types of data were...

Scoop: FulcrumSec Leaks Novo Nordisk Data After $25M Demand Goes Unpaid (2)

By: Dissent
15 June 2026 at 20:51
Danish pharma giant Novo Nordisk disclosed a cybersecurity incident last week, and although the firm’s name may not be familiar to everyone, they are a major producer of insulin and semaglutide. Semaglutide is marketed as Wegovy for weight loss and Ozempic for Type 2 diabetes. In its June 11 update, the firm stated that the...

South Korea Hands Coupang a Record-Breaking $409 Million Data Privacy Fine

By: Dissent
13 June 2026 at 09:20
DataBreaches has been impressed by South Korea’s response to data breaches ever since reading about how its financial regulator responded to three credit card companies whose customers suffered a major data leak. Unlike any enforcement action DataBreaches had ever seen levied here in the U.S., the firms had their ability to enroll new customers suspended...

Essex NHS hospitals records compromised in cyber attack

By: Dissent
8 June 2026 at 08:38
Mason Lewsey reports: Thousands of Essex patient records were compromised in a cyber attack linked to a major NHS data breach, MSE has confirmed. Mid and South Essex NHS Foundation Trust revealed that around 2,380 patient test records were stolen in the attack, which affected data held by third-party provider Synnovis. The trust operates Southend...

FTC Gives Final Approval to Order Against Illuminate Settling Allegations It Failed to Secure Students’ Personal Data

By: Dissent
8 June 2026 at 08:30
From an FTC press release of June 5: Following a public comment period, the Federal Trade Commission finalized a modified order requiring Illuminate Education Inc. to implement a data security program, limit collection and retention of consumer data, and delete unnecessary data to settle charges that the company’s data security failures led to a major...

Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked

By: Dissent
2 June 2026 at 08:24
Jason Koebler reports: Hackers say that they used Meta’s AI support chatbot to break into a host of high-profile Instagram profiles by asking the support bot to change the email address associated with the target account. The claims coincide with a series of high-profile Instagram account takeovers, including the Barack Obama White House account, the Chief Master...

California AG Bonta Sues Chrome Holding Co., Formerly Known as 23andMe, Over 2023 Data Breach

By: Dissent
29 May 2026 at 08:22
Jaimie Ding reports: Attorney General Rob Bonta filed the lawsuit against Chrome Holding Co., which 23andMe rebranded under after filing for bankruptcy last March. 23andme is known for its direct-to-consumer DNA test kits that provided customers information on their ancestry and genetic predispositions for certain health conditions. The lawsuit calls for various civil penalties against 23andMe...

Silent Ransom Group Impersonating IT Personnel through Social Engineering

By: Dissent
27 May 2026 at 08:42
The FBI has issued a Flash Alert about the Silent Ransom Group. Summary The Silent Ransom Group (SRG), also known as Luna Moth, Chatty Spider, and UNC3753, is targeting law firms using social engineering techniques. Through phone calls and phishing emails, SRG actors pose as IT support to establish access to victim computers and exfiltrate...

Welcome to BlackFile: Inside a Vishing Extortion Operation

By: Dissent
16 May 2026 at 09:38
Google’s Threat Intelligence Group writes: Google Threat Intelligence Group (GTIG) has continued to track an expansive extortion campaign by UNC6671, a threat actor operating under the “BlackFile” brand, that targets organizations via sophisticated voice phishing (vishing) and single sign-on (SSO) compromise. By leveraging adversary-in-the-middle (AiTM) techniques to bypass traditional perimeter defenses and multi-factor authentication (MFA),...

No need to hack when it’s leaking: Dalbir Singh & Associates law firm edition

By: Dissent
14 May 2026 at 20:48
Dalbir Singh & Associates ignored multiple attempts at responsible disclosure but finally locked down its misconfigured Amazon bucket, only to expose it again. Now the data is in the hands of criminals trying to extort them. On April 6, DataBreaches reported on a misconfigured Amazon bucket belonging to an immigration law firm in New York....

Cybersecurity Stolen ChipSoft claims patient data confirmed destroyed following cyberattack

By: Dissent
7 May 2026 at 07:25
There’s an update to the ChipSoft ransomware attack. DigitalShield reports that although ChipSoft hasn’t revealed whether it paid Embargo ransom, it did disclose that some negotiations had occurred. One of the most striking elements of the case is the company’s claim about the deletion of the stolen data. According to the company, the destruction has been...

NYSDFS Secures $2.25 Million Cybersecurity Settlement with Delta Dental

By: Dissent
1 May 2026 at 12:20
There is an update regarding the 2023 Delta Dental breach involving MOVEit software. Delta Dental was one of many customers whose patient data was exposed after Clop exploited a zero-day vulnerability to attack MOVEit and acquire its clients’ data. More than 7 million patients were reportedly affected by the breach, although the number specific to New...

Two Americans Sentenced to Prison for Using BlackCat Ransomware to Attack Multiple Entities

By: Dissent
30 April 2026 at 18:59
There is an update on the criminal cases against Ryan Goldberg and Kevin Martin, security professionals who turned to the dark side and cut a deal with ALPHV/BlackCat operators to use their ransomware and pay BlackCat 20% of whatever they collected in ransom. From the DOJ’s press release today: Two American cybersecurity professionals were sentenced...

OCR Announces Settlements of Four Ransomware Investigations that Affected Over 427,000 Individuals

By: Dissent
24 April 2026 at 07:59
Yesterday, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced settlements with four regulated entities following separate ransomware investigations under HIPAA’S Security Rule. For those keeping count: the resolutions announced mark 19 completed investigations from ransomware breaches and 13 completed investigations in OCR’s Risk Analysis Initiative. The settlements follow...

NOT for Sale! BlueLeaks 2.0 Hacktivist decides not to sell dataset with sensitive data

By: Dissent
22 April 2026 at 18:39
Just when I thought I might be done with work for the day, DataBreaches received an email from “Internet Yiff Machine” (IYM), the hacktivist responsible for hacking P3 Global Intel in what has been called the “Blue Leaks 2.0” breach. As most readers know by now, IYM provided a dataset of 8.3 million tips that...

BlueLeaks 2.0: 7,300+ Schools, Referral Systems Reported, and a Breach Navigate360 Still Hasn’t Publicly Confirmed

By: Dissent
22 April 2026 at 10:14
Overview and Background This is the first of what will likely be several updates to this site’s exclusive reporting on the “BlueLeaks 2.0” incident that exposed anonymous and sensitive tips by and about students on a platform that promised them anonymity and security. DDoSecrets.org named the incident “Blue Leaks 2.0” because, like a previous leak...

Qilin’s 2024 attack on NHS vendor continues to impact patient care for one NHS Trust

By: Dissent
19 April 2026 at 10:27
Long-term follow-ups are important, and DataBreaches is glad that Alexander Martin points out that at least one NHS Trust is still impacted by the Qilin ransomware attack on Synnovis in 2024. From his reporting: At South London and Maudsley NHS Foundation Trust (SLaM), pathology systems have not been restored as of publication, with the trust...

P3 Advertised 20+ Years and 0 Security Breaches. You Can Guess What Happened Next.

By: Dissent
16 April 2026 at 07:00
Introduction P3 Global Intel advertises itself as a “fully integrated and state-of-the-art tip acquisition and tip management solution that has quickly become the leading choice of Crime Stoppers Programs, Law Enforcement Agencies, Campus Safety Programs, and Federal Agency Initiatives.” 35,000 U.S. schools use P3 Campus, which partners with “safer school” initiatives such as Sandy Hook...

California’s cybersecurity audit rule is now in effect: its impact for class litigation

By: Dissent
14 April 2026 at 13:10
The IAPP writes: Last year, the California Privacy Protection Agency adopted a major new rule requiring certain businesses to conduct an annual cybersecurity audit. The rule went into effect 1 Jan. 2026. This pioneering requirement, the first of its kind among state data privacy laws of general applicability, may entail substantial compliance efforts for affected companies to...

City of Anthony, NM, public records have been suspiciously disappeared, locked, or wiped

By: Dissent
13 April 2026 at 14:46
There are insider breaches, and then there are fourth-degree felonies and other possible charges if public records are destroyed improperly or without a lawful purpose. KVIA in New Mexico reports: The City of Anthony released a letter to KVIA on Saturday stating that the previous administration had allegedly committed several wrong-doings and the City is...
