November 20, 2024 - Wed
00:30

Healthcare industry leaks data on over 235,000 patients, healthcare organizations pay over $10 million in damages

A court in the US state of New York recently gave preliminary approval to a $1.5 million (Rs. 10.86 million) settlement agreement to resolve a class action lawsuit against One Brooklyn Health System. The lawsuit stems from a November 2022 cyberattack that compromised the sensitive health data of more than 235,000 people.
Under the proposed settlement, eligible class members can submit claims for up to $2,500 in actual out-of-pocket damages, as well as compensation for time spent dealing with the consequences of the data breach (up to four hours at $25 per hour).

August 22, 2024 - Thu
07:14

Industry "insiders" bidding, 300,000 homeowners' information leaked.

Recently, the Public Security Bureau of X City, Shandong Province, cracked a case of infringement of citizens' personal information and arrested over 60 suspects. The suspects used the identities of building salespeople to sell owners' names, cell phone numbers, house numbers, household types, ID numbers and bank loan information to decoration, home appliance and furniture companies, involving more than 300,000 pieces of information. "Each roughly ranges from 0.5 yuan to 10 yuan a piece, old neighborhoods are relatively cheap because the owners' willingness to renovate is not great, while those newer neighborhoods, neighborhoods about to be handed over, and villa areas are a bit more expensive for the owners' information." The case involves more than 200,000 yuan. The police will continue their in-depth investigation, and remind enterprises to strengthen data protection and the public to raise awareness of personal information protection. Once a leak is found, it should be reported to the police promptly to protect one's rights and interests.

July 24, 2024 - Wed
00:01

Artificial Intelligence Safety Regulatory System for Cybersecurity Institution Building

Xinhua News Agency has been authorized to release the Decision of the Central Committee of the Communist Party of China on Further Comprehensively Deepening Reforms to Advance Chinese-Style Modernization, which mentions strengthening the network security system and establishing a system for the safety supervision of artificial intelligence.

June 1, 2024 - Sat
02:20

Massive data breach of sensitive personal information at Canadian healthcare organization

On May 30, 2024, the Qiulong ransomware organization allegedly announced a major data breach involving Indigo ENT Group, a company involved in the hospital and healthcare industry based in Coquitlam, British Columbia, Canada. According to a post shared by the organization, they had infiltrated Indigo ENT's network for several weeks, during which time they claimed to have stolen thousands of pieces of personal, confidential, and protected health information (PHI), as well as patients' personally identifiable information (PII).

02:02

Massive data breach of sensitive user information at Peruvian credit bank

BCP Peru's database was allegedly compromised and made available for download. The allegedly compromised data consisted of 57,694 rows, including sensitive customer information such as card type, issue type, bank identification number, cardholder name, account holder name, home address, province of residence, customer ID, and primary phone number. If true, the intrusion poses a significant risk to affected individuals and could lead to identity theft, financial fraud and other malicious activity.

01:57

Massive breach of medical data at US healthcare company

Unauthorized FTP access to 1.5 terabytes of sensitive patient data at a major U.S. healthcare provider is being offered for sale. The access covers comprehensive patient files containing detailed personal information. The type of access is FTP with write-to-download functionality, allowing potential buyers to manipulate the data as they see fit. The data is 1.5 terabytes in size and is open on 1/30/2024.

Patient files contain a wealth of personal information, including address, patient name, date of birth, social security number (SSN), gender, phone number, and more. Shockingly, the company actively updates and edits this data on a daily basis. Despite being listed for sale since March 2, 2024, it remains unsold. The targeted organizations cover more than 50 facilities in the U.S., so the potential impact of this breach is wide-ranging.

Details of the leaked data:

- Access type: FTP with write-to-download functionality
- Data size: 1.5 TB
- Time to market: As of January 30, 2024
- What: Complete patient files including address, patient name, date of birth, Social Security Number (SSN), gender, phone number, etc.
- Update: The company is actively updating and editing data on a daily basis. Despite being listed for sale since March 2, 2024, it remains unsold.
- Scope: Targets include more than 50 facilities in the United States.

00:53

Swarovski stockpile suffers ransom threat from unauthorized access

In a cyber incident, unauthorized access to the Swarovski management portal was sold. This access allegedly allowed potential buyers to view and extract all customer data, posing a significant security threat to the company's customers. The price tag for such unauthorized access was 800 euros.

00:49

Russian Hacking Group Hunt3r Kill3rs Launches Cyber Attacks on Israeli Government and Military Infrastructure

The Russian hacking organization Hunt3r Kill3rs has announced that it will launch a new round of cyberattacks against Israel, focusing on its military and government infrastructure. In a statement, the organization declared its intention to "torture Israel" and promised to carry out relentless attacks until what they consider to be Israel's crimes cease.

The Hunt3r Kill3rs organization has announced that it will continue to launch attacks against Israel. According to the organization's statement, these cyberattacks will continue until what they call Israeli crimes are over. The organization's vow to step up its efforts indicates that they will carry out long-term and targeted attacks against Israeli infrastructure.

May 28, 2024 - Tue
07:07

Outlook Email Client Remote Code Execution High-Risk Vulnerability Sold on the Dark Web

A user with the ID "Cvsp" has announced the sale of an Outlook remote code execution (RCE) 0-day vulnerability on a dark web forum. The vulnerability targets versions of Microsoft Office across x86 and x64 architectures, and poses a significant security threat to users worldwide.

Affected versions:

- Microsoft Office 2016
- Microsoft Office 2019
- Microsoft Office LTSC 2021
- Microsoft 365 Apps for Enterprise

May 22, 2024 - Wed
23:48

Authentication can be bypassed, GitHub enterprise servers exposed to full score vulnerability with PoC

Recently, security researchers disclosed a critical vulnerability (CVE-2024-4985, CVSS score: 10.0) in GitHub Enterprise Server (GHES) that allows an unauthenticated attacker to access GHES instances without prior authentication. GitHub has rolled out a fix, and no large-scale exploitation of the vulnerability has been found, so users can update GHES to a patched version (3.9.15, 3.10.12, 3.11.10, 3.12.4 or later). If an immediate update is not possible, consider disabling SAML authentication or the encrypted assertions feature as a temporary mitigation.
Reference: https://cncso.com/critical-github-enterprise-server-flaw-allows-authentication-bypass.html
