The HIPAA Journal reports: A District Court Judge has set a March 2025 deadline for Change Healthcare to file motions to dismiss certain claims raised in multiple complaints in response to its February 2024 ransomware attack and data breach. In February 2024, Change Healthcare suffered a ransomware attack that resulted in file encryption and the […]
TechNadu reports: Genea, one of Australia’s leading fertility service providers, has revealed a cybersecurity breach that disrupted patient services and raised concerns about the potential exposure of sensitive information. The company, which operates 21 clinics nationwide, confirmed the incident in a statement on its website on Wednesday. While Genea confirmed that an unauthorized party accessed its data, […]
Bleeping Computer reports: New York-based venture capital and private equity firm Insight Partners has disclosed that its systems were breached in January following a social engineering attack. The company manages over $90 billion in regulatory assets and has invested in over 800 software and technology startups and companies worldwide during its 30 years of activity. […]
SecurityWeek reports: British fintech giant Finastra last week started sending written notifications to individuals who had their personal information stolen in a data breach. The incident came to light in mid-November 2024, after a threat actor offered on an underground forum data allegedly stolen from the company’s systems. The hacker claimed the theft of 400 gigabytes […]
The personal data of thousands of Polish lawyers and trainee lawyers has been leaked online, exposing social security numbers and password hashes, cybersecurity sources have reported. The breach, first reported by CyberDefence24, occurred on February 14 at around 8:00 PM, with some 10,337 names and 9,037 social security—or PESEL numbers—leaked. The Supreme Bar Council (Naczelna […]
Military.com reports: The Coast Guard‘s personnel and pay system was taken offline Friday and will remain down until at least Feb. 19 while officials investigate a data breach that affected more than 1,100 members. Coast Guard officials said Friday that the service’s Direct Access system, which manages pay and personnel matters, including orders, was hacked Friday, exposing sensitive […]
2023 was a bad year for commercial file transfer software apps because the Clop ransomware gang kept managing to find zero-day vulnerabilities to exploit. One of their campaigns involved Fortra’s GoAnywhere software. Even though Fortra issued a patch for CVE-2023-0669 within a week of discovery, there were many victims, including Brightline. Now TechTarget reports that […]
The North Korean state-sponsored threat actor known as Lazaraus Group is now running a campaign targeting software and Web3 developers with “undetectable” malware. MSN reports: Cybersecurity researchers at STRIKE from SecurityScorecard said they observed malware being embedded into GitHub repositories and NPM packages, where unsuspecting developers pick them up and integrate into their own projects. The […]
Security Affairs reports: China-linked APT group Salt Typhoon is still targeting telecommunications providers worldwide, and according to a new report published by Recorded Future’s Insikt Group, the threat actors has breached more U.S. telecommunications providers by exploiting unpatched Cisco IOS XE network devices. Insikt Group researchers reported that the Chinese hacked have exploited two Cisco flaws, tracked […]
Should India adopt a threshold-based data breach reporting?
MediaNama reports: India needs a threshold-based system for data breach reporting, speakers argued at MediaNama’s discussion on the draft Digital Personal Data Protection Rules (DPDP Rules, 2025) on February 7. This came as a comment during the session on the draft rules around data breaches. MediaNama conducted this discussion under the Chatham House Rule. (Chatham […]