Data Breaches

There’s a follow-up on one of the plastic surgery ransomware attacks this site first reported in October 2023 after the Hunters International threat actors added Jaime S. Schwartz, MD, to their leak site with proof of claims. At the time, Dr. Schwartz’s practice was one of a number of attacks on plastic surgery practices where…

Kevin Poireault reports: Netherlands-based threat intelligence firm Prodaft revealed on February 20 that internal chatlogs from the BlackBasta ransomware gang have been leaked online. BlackBasta is a ransomware strain that was first detected in April 2022. Early on, cyber threat intelligence experts assessed that the members of the group behind the ransomware were associated with other…

Aman Shukla reports: Niva Bupa Health Insurance Company Ltd has recently informed exchanges that the company received an email from an anonymous sender claiming a potential customer data breach. The company is actively investigating the matter and implementing preventive measures to mitigate risks. …  In the exchange filing, the company shared, “We have received communication(s)…

There’s been a state enforcement action against National Public Data, but it’s not for the data breach that resulted in the leak of 2.9 billion records. It’s for failure to register with California as a data broker.   News: February 20, 2025 SACRAMENTO — The Enforcement Division of the California Privacy Protection Agency (CPPA) has brought…

There is a follow-up to a breach previously reported on DataBreaches.net in December 2018. February 20 — Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a $1,500,000 civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of prescription and non-prescription eyewear, concerning violations of…

Novinite reports: The Ransomhouse hacker group has claimed responsibility for stealing data from the Supreme Administrative Court’s information systems. The group published documents, including lists of employee names, personal data, and leave applications, as evidence of the breach, according to cybersecurity website Questona. Along with the leaked documents, the hackers addressed the court’s management with a message urging them to make contact….

Another day, another massive leak. Researcher Jeremiah Fowler reports that he found unsecured data with 1,674,218 records belonging to DM Clinical Research. DM Clinical Research is a Texas-based network of more than 24 multi-therapeutic clinical trial sites involved in research on vaccines, internal medicine, pediatrics, gastroenterology, psychiatry, neurology, women’s health, and more. DM Clinical Research’s…

Marine Pichon and Alexis Bonnefoi of Orange Cyberdefense report: Last year, Orange Cyberdefense’s CERT investigated a series of incidents from an unknown threat actor leveraging both ShadowPad and PlugX. Tracked as Green Nailao (“Nailao” meaning “cheese” in Chinese – a topic our World Watch CTI team holds in high regard), the campaign impacted several European organizations, including in the healthcare vertical, during…

Dan Black of Google’s Threat Intelligence Group writes: Google Threat Intelligence Group (GTIG) has observed increasing efforts from several Russia state-aligned threat actors to compromise Signal Messenger accounts used by individuals of interest to Russia’s intelligence services. While this emerging operational interest has likely been sparked by wartime demands to gain access to sensitive government…

Waqas reports: A joint advisory from the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) reveals the ongoing threat of Ghost ransomware, also known as Cring. Active since early 2021, this group, operating out of China, has targeted organizations in over 70 countries, impacting…