Data Breaches

A medical management firm based in Massachusetts, Doctor Management Group, has become the first victim of a ransomware attack to be fined for a data breach by the Department of Health and Human Services (HHS). Doctor Management Group has agreed to a financial settlement of $100,000 and will undergo three years of HIPAA compliance...

Meals on Wheels Central Texas has announced changes to its security protocols in the wake of a data breach affecting its In-Home Care service, which was the result of an email phishing attack. The non-profit organization disclosed that it became aware of the breach on September 21. The breach involved the unauthorized access to a...

Toronto Public Library (TPL) has reported service disruptions following a cyber attack detected on Saturday. The library's 100 branches remain open for borrowing materials, and free Wi-Fi services continue. Several digital offerings, including Kanopy for online movies, the digital archive for manuscripts and digitized books, TPL Kids content, library programs on YouTube and Crowdcast,...

Boeing, the renowned aerospace and defense giant, is currently evaluating allegations made by the notorious ransomware group, LockBit, regarding the theft of a substantial amount of sensitive data from the company, as reported by multiple sources. LockBit, a prominent ransomware-as-a-service (RaaS) group, posted a notice on its leak site, warning that sensitive data had been...

A newly discovered cyber campaign, named "EleKtra-Leak," has been actively targeting exposed Amazon Web Service (AWS) Identity and Access Management (IAM) credentials found in public GitHub repositories, enabling the threat actors to carry out extensive cryptojacking activities. Researchers from Palo Alto Networks Unit 42, William Gamazo and Nathaniel Quist, have issued a technical report...

Peerstar LLC, a Pennsylvania-based provider of mental health support services, has revealed that 11,438 patients have been informed about the exposure and potential theft of their protected health information. The company detected suspicious activity on its network on March 7, 2023, prompting it to engage third-party security experts to investigate the incident and assess...

The Clark County School District (CCSD), the fifth largest school district in the United States, is confronting a significant data breach that threatens the privacy and security of over 300,000 students and 15,000 teachers. In a recent cyberattack, malicious actors gained unauthorized access to CCSD's email servers, exposing sensitive information and raising concerns about...

Stanford University found itself in the crosshairs of the notorious ransomware gang 'Akira' on Friday morning when the group listed the institution on the darknet as the target of a potential ransomware attack. Screenshots of this listing surfaced on various online platforms, including the r/stanford subreddit and X (formerly Twitter), thanks to cyber risk...

Regal Rexnord Corporation notified the Massachusetts Attorney General of a data breach in September 2023, revealing that unauthorized access had been gained to consumer-provided information. This breach exposed sensitive data to an unauthorized party, prompting the company to take immediate action. Regal Rexnord has since initiated the process of notifying affected individuals regarding the...

ProMach Inc., the Covington, Kentucky-based industrial machinery and equipment manufacturer, recently filed a notice of a data breach with the Attorney General of Massachusetts. The breach, discovered in October 2023, allowed an unauthorized party to gain access to the company's IT network, potentially compromising the sensitive information of several individuals. In response to this...

Tri Counties Bank, a longstanding financial institution headquartered in Chico, California, has recently disclosed a data breach incident to the Attorney General of California. The breach, discovered on February 7, 2023, allowed an unauthorized actor access to certain portions of the bank's computer network, potentially compromising sensitive customer information. In response, the bank initiated...

Ben E. Keith Company, a prominent food and beverage distribution company, recently filed a notice of a data breach with the Attorney General of Maine. The breach, which occurred between March 3, 2023, and March 5, 2023, has raised concerns as an unauthorized party gained access to sensitive consumer information, including names and Social...

NASCO, a prominent healthcare software company, officially reported a data breach incident to the Attorney General of Massachusetts. The breach, which was attributed to a vulnerability within the secure file-transfer application MOVEit, allowed an unauthorized party to access specific information in the company's possession. As part of their response, NASCO initiated an extensive investigation...

Seiko Group Corporation, a Tokyo-based manufacturing company known for its watches, clocks, electronic devices, semiconductors, and optical products, posted a critical update on its website on October 25, 2023, regarding a recent ransomware attack that compromised its computer network. The incident allowed unauthorized access to sensitive information related to customers, employees, and business transactions....

Leading global aerospace, commercial jetliner manufacturer, and US military and defense contractor, The Boeing Company, is the latest target claimed by the LockBit ransomware gang. The Russian-linked group unveiled this breach on Friday, around 2 pm, via its dark leak site. Boeing responded to the claim by stating that they are currently evaluating the situation....