LATEST POST
Vendor breaches continue to pose threat to patient privacy
Updates to two business associate breaches reveal that millions of patients have been impacted by third-part breaches, with Healthcare Interactive’s breach affecting 3 million patients and TriZetto Provider Solutions’s breach reportedly affecting another 700,000 patients. Healthcare Interactive Healthcare Interactive (“HCIactive”) is a Maryland-based provider of AI-powered software solutions for insurance enrollment and benefits administration. In […]
ShinyHunters has been more active. Google reports on the activity.
Google’s Threat Intelligence Group (GTIG) has been tracking the expansion of ShinyHunters-branded SaaS data theft. In a new blog post, they write: Mandiant has identified an expansion in threat activity that uses tactics, techniques, and procedures (TTPs) consistent with prior ShinyHunters-branded extortion operations. These operations primarily leverage sophisticated voice phishing (vishing) and victim-branded credential harvesting […]
Conduent warns of further financial fallout from cyberattack
Cybersecurity Dive reports: Conduent said it may face additional financial risks related to a January 2025 attack that impacted a number of state governments and other organizations. The attack at the New Jersey-based payments contractor led to data breaches across a number of organizations, including state government agencies and insurance providers. In the state of Wisconsin, […]
Trump files $10B lawsuit against IRS over alleged tax return leaks to major news outlets
Fox News reports: President Donald Trump has filed a $10 billion lawsuit against the IRS, accusing the agency of unlawfully leaking his confidential tax returns in a politically motivated violation of federal privacy laws. A spokesman for Trump’s legal team told Fox News “a rogue, politically motivated” IRS employee disclosed private and confidential tax information involving Trump, his family […]
A Grok AI Toy Breach Exposed 50,000 Private Chats
WebProNews reports: An AI toy called Grok exposed 50,000 conversation logs between children and the device to anyone with a Gmail account due to a cloud storage misconfiguration, raising serious questions about data security, regulatory compliance, and the protection of children’s privacy in AI-enabled products. … According to Wired, the breach originated from a fundamental misconfiguration […]
Infamous RAMP cybercrime forum seized by FBI
The Record reports: Websites for the RAMP cybercrime forum, a notorious Russian marketplace widely used by ransomware groups and initial access brokers, have been replaced with a splash page declaring they have been seized by the FBI. Domain name server (DNS) records reportedly initially showed RAMP’s clearnet site redirecting to an FBI domain regularly used […]
Double Trouble: Two Gangs Both Attack and Encrypt the Same Revenue Cycle Management Firm
SuspectFile reports that two well-known ransomware gangs independently attacked and encrypted files from Resource Corporation of America (RCA), a revenue cycle management business associate headquartered in Texas. What happened next is not totally clear because neither the Qilin gang nor the victim provided any details, but SuspectFile reports that the Medusa gang provided some information […]
SLSH Malicious “Supergroup” Targeting 100+ Organizations via Live Phishing Panels
Silent Push reports: A massive identity-theft campaign is currently active, targeting Okta Single Sign-On (SSO) and other SSO platform accounts across 100+ high-value enterprises. Silent Push has identified a surge in infrastructure deployment that mirrors the TTPs (Tactics, Techniques, and Procedures) of SLSH—a predatory alliance between Scattered Spider, LAPSUS$, and ShinyHunters. This isn’t a standard automated spray-and-pray attack; it is a […]