LATEST POST
Penn hacker claims to have stolen 1.2 million donor records in data breach
Bleeping Computer reports: A hacker has taken responsibility for last week’s University of Pennsylvania “We got hacked” email incident, saying it was a far more extensive breach that exposed data on 1.2 million donors and internal documents. On Friday, University of Pennsylvania alumni and students began receiving multiple offensive emails from Penn.edu addresses claiming the university […]
Russia finally bites the cybercrooks it raised, arresting suspected Meduza infostealer devs
The Register reports: Russia’s Interior Ministry says police have arrested three suspects it believes helped build and spread the Meduza infostealer. A statement issued by spokesperson Irina Volk via the Ministry’s Telegram channel on Thursday included video footage of all three arrests of men described as “young IT specialists” who are alleged to have helped […]
Michael R. Schwartz, M.D., Data Incident Notice
Notice of Data Security Incident On October 23, 2025, Michael R. Schwartz, M.D., Inc. (“the Practice”) mailed notification letters to certain individuals whose information may have been involved in a recent data security incident. On or about August 25, 2025, the Practice became aware that an unauthorized party gained remote access to one computer within […]
YNHHS reaches preliminary $18 million settlement over data breach
Yale News reports a settlement stemming from a March, 2025 data breach that the Yale New Haven Health System reported to HHS as impacting 5,556,702 individuals: The Yale New Haven Health System has agreed to finance an $18 million settlement fund in response to a class action lawsuit about a data breach that allowed an unauthorized third […]
Alleged Conti ransomware gang affiliate appears in Tennessee court after Ireland extradition
The Record reports: A Ukrainian national accused of launching ransomware attacks on behalf of the Conti group appeared in a U.S. court on Thursday after being extradited from Ireland. Oleksii Oleksiyovych Lytvynenko is facing several charges related to his suspected involvement with the Conti ransomware gang, which attacked hundreds of organizations globally before disbanding in 2022. The […]
Goosehead Insurance hit with lawsuit over alleged data breach notification delay
Insurance Business Magazine reports: A Texas woman has sued Goosehead Insurance Agency over a data breach that exposed sensitive customer information, alleging the company waited seven months to sound the alarm. Jayda Slaughter filed the proposed class action in federal court on October 24, claiming the national insurance agency’s network was infiltrated in early March […]
US company with access to biggest telecom firms uncovers breach by nation-state hackers
Reuters reports: Hackers working for an unnamed nation-state breached networks at Ribbon Communications, a key U.S. telecommunications services company, and remained within the firm’s systems for nearly a year without being detected, a company spokesperson confirmed in a statement on Wednesday. Ribbon Communications, a Texas-based company that provides technology to facilitate voice and data communications […]
Canada says hacktivists breached water and energy facilities
Bleeping Computer reports: The Canadian Centre for Cyber Security warned today that hacktivists have breached critical infrastructure systems multiple times across the country, allowing them to modify industrial controls that could have led to dangerous conditions. The authorities issued the warning to raise awareness of the elevated malicious activity targeting internet-exposed Industrial Control Systems (ICS) […]