Verizon Communications has reported an insider data breach affecting nearly half of its workforce, exposing sensitive employee information such as names, addresses, Social Security numbers, and compensation details.
Hewlett Packard Enterprise (HPE) is investigating a potential breach after a threat actor claimed to have stolen HPE credentials and sensitive data and put it up for sale on a hacking forum.
Breach Notification , Governance & Risk Management , Healthcare What Will 2024 Be Like If the Healthcare Sector Doesn’t Step Up? Marianne Kolbasuk McGee (HealthInfoSec) • February 1, 2024 Image: Getty For nearly a decade, no matter how bad things seemed to get each year, 2015 remained the record year for U.S. health […]
Feb 02, 2024NewsroomData Breach / Cloud Security Cloudflare has revealed that it was the target of a likely nation-state attack in which the threat actor leveraged stolen credentials to gain unauthorized access to its Atlassian server and ultimately access some documentation and a limited amount of source code. The intrusion, which took place between November […]
Healthcare , Incident & Breach Response , Industry Specific California Firm Said August Attack Affected Clients’ Data Marianne Kolbasuk McGee (HealthInfoSec) • January 29, 2024 Insurance broker Keenan & Associates is notifying more than 1.5 million individuals about an August 2023 hacking incident that compromised personal and health information. (Image: Keenan & Associates) […]
3rd Party Risk Management , Breach Notification , Cybercrime Concentra Health Services Joins List of Those Affected in Transcriber’s Data Breach Marianne Kolbasuk McGee (HealthInfoSec) • January 26, 2024 Concentra Health Services is one of the latest healthcare providers to report a large breach resulting from the hack on medical transcriber Perry Johnson […]
Healthcare , Incident & Breach Response , Industry Specific Researcher Reported Configuration Issue to Cloud Vendor After Lab Failed to Respond Marianne Kolbasuk McGee (HealthInfoSec) • January 23, 2024 Image: Getty An unsecured database appearing to belong to a Netherlands-based medical laboratory exposed 1.3 million records on the internet, including COVID test results […]
The breach was facilitated by a password spray attack on a non-production test tenant account lacking two-factor authentication, highlighting the importance of robust account security measures.
The breach occurred when a threat actor impersonated Framework’s CEO and tricked an accountant into sharing a spreadsheet containing customer data, including names, email addresses, and outstanding balances.