The Los Angeles Times reports: A celebrity Beverly Hills plastic surgeon, who has appeared on television shows including “Botched” and “The Doctors,” is being sued by patients who allege that their nude photos were published online after he was hacked — twice — and that he waited months to inform them of the data breaches. […]
The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a $1,500,000 civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of prescription and non-prescription eyewear, concerning violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule, following the receipt of a breach […]
The HIPAA Journal reports: A District Court Judge has set a March 2025 deadline for Change Healthcare to file motions to dismiss certain claims raised in multiple complaints in response to its February 2024 ransomware attack and data breach. In February 2024, Change Healthcare suffered a ransomware attack that resulted in file encryption and the […]
TechNadu reports: Genea, one of Australia’s leading fertility service providers, has revealed a cybersecurity breach that disrupted patient services and raised concerns about the potential exposure of sensitive information. The company, which operates 21 clinics nationwide, confirmed the incident in a statement on its website on Wednesday. While Genea confirmed that an unauthorized party accessed its data, […]
Bleeping Computer reports: New York-based venture capital and private equity firm Insight Partners has disclosed that its systems were breached in January following a social engineering attack. The company manages over $90 billion in regulatory assets and has invested in over 800 software and technology startups and companies worldwide during its 30 years of activity. […]
SecurityWeek reports: British fintech giant Finastra last week started sending written notifications to individuals who had their personal information stolen in a data breach. The incident came to light in mid-November 2024, after a threat actor offered on an underground forum data allegedly stolen from the company’s systems. The hacker claimed the theft of 400 gigabytes […]
The personal data of thousands of Polish lawyers and trainee lawyers has been leaked online, exposing social security numbers and password hashes, cybersecurity sources have reported. The breach, first reported by CyberDefence24, occurred on February 14 at around 8:00 PM, with some 10,337 names and 9,037 social security—or PESEL numbers—leaked. The Supreme Bar Council (Naczelna […]
Military.com reports: The Coast Guard‘s personnel and pay system was taken offline Friday and will remain down until at least Feb. 19 while officials investigate a data breach that affected more than 1,100 members. Coast Guard officials said Friday that the service’s Direct Access system, which manages pay and personnel matters, including orders, was hacked Friday, exposing sensitive […]
2023 was a bad year for commercial file transfer software apps because the Clop ransomware gang kept managing to find zero-day vulnerabilities to exploit. One of their campaigns involved Fortra’s GoAnywhere software. Even though Fortra issued a patch for CVE-2023-0669 within a week of discovery, there were many victims, including Brightline. Now TechTarget reports that […]
The North Korean state-sponsored threat actor known as Lazaraus Group is now running a campaign targeting software and Web3 developers with “undetectable” malware. MSN reports: Cybersecurity researchers at STRIKE from SecurityScorecard said they observed malware being embedded into GitHub repositories and NPM packages, where unsuspecting developers pick them up and integrate into their own projects. The […]
