Data Breaches

Fincantieri Marine Group (FMG), the U.S. arm of Italian shipbuilding firm Fincantieri and a contractor for the U.S. Navy, revealed a data breach affecting 16,769 individuals in the aftermath of an April ransomware attack. The cyber incident, resulting in significant disruptions to production, was reported by cybersecurity firm Recorded Future through their news site,...

In response to a recent vendor data breach, Wayne Bank has notified its customers of a potential exposure of personal information. The incident revolves around vulnerabilities identified in MOVEit Transfer, a file transfer software utilized by a third-party vendor. Importantly, Wayne Bank clarified that the breach did not compromise any of its internal systems, assuring...

A ransomware attack targeting the British Library in October, recently revealed, has prompted cyber thieves to demand £600,000 in Bitcoin for the release of the institution's data. The attack disrupted vital electronic services, including the facility's WiFi and computer catalogue, causing substantial service outages. The hackers further escalated their actions by attempting to auction off...

A striking security breach at 08:52:47 PM +UTC on December 31, 2023, resulted in the theft of $81.4 million in cryptocurrency from Orbit Bridge, a decentralized cross-chain technology. The breach's impact prompted Orbit Bridge to assess the damage caused by this unauthorized access. The breach, characterized by "unidentified access," exploited Orbit Bridge's interchain communication, enabling...

ProSmile Holdings, a dental service organization based in New Jersey, began informing patients on December 22, 2023, regarding a breach in its email system. Detected in July 2022, the suspicious activity prompted an investigation by a third-party cybersecurity firm to assess potential exposure or compromise of sensitive data. Confirmation arrived on December 1, 2022,...

In a recent discovery by Cybernews, the Android app Barcode to Sheet, boasting 100k+ Google Play downloads and a 4.5-star rating, has been found with an open instance, resulting in the exposure of sensitive user information and enterprise data. The app, catering to e-commerce clients by facilitating barcode-to-spreadsheet data transfers, inadvertently left its Firebase database,...

Stanley Steemer, a prominent carpet cleaning company, has reported a significant data breach affecting nearly 68,000 individuals. The Ohio-based company discovered the cyberattack in March, with unauthorized access dating back to February 10. The breach was detected on March 6, and the company has been diligently reviewing at-risk files to determine the extent of...

The Cambridge University Hospitals NHS Foundation Trust has confirmed two separate incidents of data breaches involving the inadvertent release of patient information through Excel spreadsheets. The breaches occurred in response to Freedom of Information (FOI) requests and were disclosed by the Trust’s CEO, Roland Sinker. The first breach, which came to light recently, dates back...

A significant security breach has been identified in the Digital Imaging and Communications in Medicine (DICOM) protocol, leading to the exposure of millions of patient scans and health records online. The DICOM standard, a cornerstone for medical imaging interoperability, has been found to have vulnerabilities that have left patient information, including imaging, names, addresses,...

East River Medical Imaging (ERMI), a New York-based diagnostic imaging and radiology practice, has reported a substantial data breach that has potentially compromised the sensitive personal information of over 605,000 patients. The breach, which was officially reported to the U.S. Department of Health and Human Services Office for Civil Rights on November 22, 2023,...

HTC Global Services, an IT services and business consulting company, has confirmed a cyberattack after the ALPHV ransomware gang leaked screenshots of stolen data. The company announced the incident through its X account on Wednesday, stating that they are "actively investigating and addressing the situation to ensure the security and integrity of user data." They...

WALA (Worldwide Australian Labradoodle Association), a prominent dog breeding organization, suffered a major data leak due to a cloud server misconfiguration. The incident exposed over 56,000 documents and 25 gigabytes of sensitive information, including: Pet owners' names, physical addresses, phone numbers, and email addresses Dog microchip numbers Veterinarians' information Testing laboratories' data Medical records...

A Seattle-based surgical group, Proliance Surgeons, notified approximately 437,400 individuals of a ransomware attack and data theft incident earlier this year, marking a concerning trend in the healthcare sector for 2023. The specialty medical group, managing around 100 locations in Washington state and catering to over 800,000 patients annually, disclosed the hacking incident involving a...

Affinity Legacy, Inc. (formerly known as Affinity Health Plan, Inc.) confirmed a recent data breach at a former third-party vendor, resulting in the theft of personal information belonging to 5,538 former Medicare Advantage members. Crucially, Affinity's internal systems remained unaffected by the incident. The impacted individuals were either past members of Affinity's Medicare Advantage Plan...

Securities America, Inc. (SAI) disclosed a recent data breach through a filing with the Attorney General of Vermont concerning McCord LLC, an unaffiliated entity registering its financial professionals with SAI. The breach allowed unauthorized access to sensitive consumer data, comprising names, Social Security numbers, addresses, dates of birth, driver’s license numbers, and financial account...