Security Researcher Comments on HIPAA Security Rule
Security researcher Adam Shostack writes:
Elon Musk-hating hackers doxx every Tesla owner in the U.S., exposing names, addresses and phone numbers in massive anti-Musk cyberattack, if you own a Tesla do take note
Some may call it “hacktivism.” Some call it “domestic terrorism.” The Economic Times reports: Tesla owners across the United States are on high alert following a shocking cyberattack that revealed their personal information. With a terrifying symbol, the hackers responsible for the breach, who oppose Elon Musk, have shared an interactive map containing the owners’ […]
Australia Sues FIIG Investment Firm in Cyber ‘Wake-Up Call’
Data Breach Today reports that Australia’s financial regulator has filed a lawsuit against FIIG Securities over cybersecurity failures that enabled a threat actor to steal confidential personal information of 18,000 customers: The Australian Securities and Investments Commission said it decided to sue Brisbane-headquartered FIIG Securities in Federal Court after observing the company’s “systemic and prolonged cybersecurity failures” […]
Over 50 U.S. school districts impacted in retirement service provider breach
In December 2024, EdTech vendor PowerSchool was hit with a major attack that reportedly affected more than 60 million students and employees throughout the country. But that wasn’t the only major attack affecting an education sector vendor in December. Teiss reports that a retirement services vendor was also the victim of an attack: About 50 […]
GitHub Action Compromise Risks Data Leaks for 23,000 Repositories
DevOps reports: A popular GitHub Action used in more than 23,000 code repositories has been compromised in a supply chain attack by attackers who introduced a malicious commit aimed at leaking secrets like passwords held in public repositories. In the compromise, which is being tracked as CVE-2025-30066, bad actors modified the code in GitHub Actions tj-actions/changed-files […]
TRICARE Contractor Resolves $11M False Claims Act Liability for Known Cybersecurity Violations
Tycko & Zavareei Whistleblower Practice Group writes: February 2025 saw an important False Claims Act settlement involving allegations of known cybersecurity failures by Health Net Federal Services Inc. (HNFS), a government contractor that provides TRICARE healthcare management services to active duty military members and their families. HNFS as well as its parent corporation Centene agreed […]
Judge Calls for Change Healthcare Data Breach Lawsuits in State and Federal Courts To Be Coordinated
About Lawsuits reports that all the state and federal lawsuits against Change Healthcare should be coordinated: The U.S. District Judge appointed to preside over all Change Healthcare data breach lawsuits brought throughout the federal court system has issued an order, outlining a plan to coordinate the pretrial proceedings in the federal multidistrict litigation (MDL) with claims pending […]
Dual Russian And Israeli National Extradited To The United States For His Role In The LockBit Ransomware Conspiracy
The U.S. Department of Justice announced: A dual Russian and Israeli national was extradited to the United States on charges that he was a developer of the LockBit ransomware group, United States Attorney John Giordano announced. In August, Rostislav Panev, 51, was arrested in Israel pursuant to a U.S. provisional arrest request. Today, Panev was […]
“Script kiddie” hackers behind cyberattack on Musk’s X, security researcher says
Dark Storm, the big scary-sounding group that took down X (formerly Twitter) in a DDoS attack was just an Egyptian college kid? Cybernews reports: A French security researcher on Tuesday claims to have uncovered the identity of the Dark Storm hacker behind the hours-long DDoS cyberattack on Elon Musk’s X social media platform – and […]
Attorney General James Sues National General and Allstate Insurance for Failing to Protect New Yorkers’ Personal Information
The following is a press release issued yesterday by NY Attorney General Letitia James: NEW YORK – New York Attorney General Letitia James today filed a lawsuit against several insurance companies doing business as National General and Allstate Insurance Company (Allstate) for failing to protect New Yorkers’ personal information from cyberattacks. In 2020 and 2021, National General […]