LATEST POST
576,000 Roku user accounts hacked in second credential stuffing incident in two months
Streaming giant Roku has disclosed that it experienced a second data security breach in as many months. This time, about 576,000 user accounts were compromised by a second credential stuffing attack. In credential stuffing, threat actors test username/password combinations from other incidents, knowing that some consumers re-use the same login across sites and that some […]
AT&T files breach notification, notifies 51 million customers
Remember all the headlines about AT&T customer data of more than 70 million people showing up on the internet again after a previous leak? Now AT&T has filed a notice with the Maine Attorney General’s Office about the incident. Here are two things to note about their notification to Maine: AT&T filed the notification The […]
Still recovering from ransomware attack, Change Healthcare faces a new threat
While Change Healthcare continues to try to restore all services following a damaging ransomware attack in February, they now face a new and concerning threat. No Honor Among Thieves On March 4, a threat actor calling themself “notchy” claimed that they had been involved in the attack on Change Healthcare and that their job was […]
Zuckerberg San Francisco General notifies clinic patients of missing logbook with patient info (1)
Four months after a paper logbook with patient information was discovered missing from a secure area of a clinic at Zuckerberg San Francisco General (ZSFG), the hospital notified patients. A press release issued by ZSFG last week explains that the logbook was discovered missing on December 12 and has not been found. Although there is […]
Hackers nab 341,650 Medicare members’ information from government contractor
Older Medicare numbers used Social Security numbers A consulting firm that provides civil litigation support to the U.S. Department of Justice has sent notification letters to 341,650 Medicare members whose information they had been entrusted with. The letter from Boston-based Greylock McKinnon Associates, Inc. reassured recipients that they were not the target the DOJ investigation […]
US Health Dept warns hospitals of hackers targeting IT help desks
Bleeping Computer reports that hospitals are being warned about a social engineering trick used by hackers to gain access: The sector alert issued by the Health Sector Cybersecurity Coordination Center (HC3) this week says these tactics have allowed attackers to gain access to targeted organizations’ systems by enrolling their own multi-factor authentication (MFA) devices. In […]
Omni Hotels experiencing nationwide IT outage – Is it a cyberattack? (Update: Yes)
Updated April 4: Omni Hotels subsequently acknowledged that they were hit by a cyberattack. They have published an FAQ on the incident that says most services have been restored. They have not yet determined whether any guest data on their servers was accessed or acquired in the attack. Original article follows: Omni Hotels & Resorts […]
Former Hospital Administrator Pleads Guilty in Identity Theft Scheme That Spanned Three Decades
Victim Falsely Prosecuted and Spent Nearly Two Years in Jail and Mental Hospital A former Iowa hospital administrator who lived under a false identity for more than 30 years and caused the false imprisonment of his victim pled guilty today in federal court in Cedar Rapids, Iowa. Matthew David Keirans, age 58, from Hartland, Wisconsin, […]