charges are falsifying business records to hide #HushMoney payments in lead up to 2016 election to #influence electorate
just one Trump supporter at the courthouse draped in a Trump flag.
#StormyDaniels's lawyer, #KeithDavidson, to return to stand. He negotiated the hush-money payment at the center of the case, & is expected to lay out details of the deal.
Fred Hutchinson Cancer Center failed to reveal threats of potential swatting attacks until this site revealed the threat. Should they have disclosed it themselves?
Arctic Wolf Labs has an interesting article on an investigation of two cases: "Follow-On Extortion Campaign Targeting Victims of Akira and Royal Ransomware:"
This may not be a new kind of threat, but it is something to educate victims about as a potential follow-up threat.
Of note, it turns out I was in communication with the same TA from their second case at around the same time, and I can confirm their conclusion that their two cases are likely the same TA. See my report, "Follow-on extortion campaign: confirmation of some findings by Arctic Wolf:"
On Christmas Eve, Integris Health in Oklahoma was sending emails to patients and issuing notices about an attack by threat actors in November who were allegedly contacting patients directly.
According to their notices, the threat actors did not lock/encrypt anything but did exfiltrate files with #PHI
At a time when Republicans (and their allies on the courts) are doing everything in their power to restrict abortion rights, it’s even more important for all Democrats to be champions for reproductive freedom: https://indivisible.org/campaign/abortion-reproductive-freedom
It seems pretty clear from what BianLian has posted that there were TWO unrelated attacks, but Akumin has only disclosed the first attack -- even though it has issued updates since the time of the second attack.
That said: if the second attack was in November, as it allegedly was, then Akumin is still within a 60-day window from discovery to when it must notify HHS and affected patients.
But if an entity issues a press release or update that discloses one data breach but is silent on the fact that there was a second breach, too, resulting in the theft of patient data, is that a deceptive or unfair act under Section 5 of the FTC Act?
AlphV/BlackCat replaced their post on #Tipalti with an updated post, and a TA involved in the attack confirmed for me what their original -- and somewhat confusing -- post meant in terms of the rationale for their strategy.
Note that AlphV has NOT named which Tipalti clients have been contacted already or whether there has been any response. Posts by some others claiming that named companies are being extorted seem premature until either the TA announces who they have already contacted or the victims confirm they have been contacted.
So AlphV (aka BlackCat) is trying something different again. This time, it seems they are claiming a victim before they have even attempted to contact the victim or extort them. They post no proof of claims. They state that they are taking this approach because the victim's cyberinsurance policy does not cover extortion, and their research into the victim (Tipalti) and one of the victim's clients (Roblox) suggests that their usual approach will not work. They intend to try to extort those firms and Twitch, all individually.
They even cite an academic reference on the potential benefit of paying ransom.
This listing is not the nasty approach that we've seen in some other listings on that leak site. But we'll see what happens if or when the victims don't respond.
I've sent an inquiry to Tipalti who is probably already swamped and running around trying to figure out what happened. AlphV claims to have been in multiple systems of theirs since September 8. Whether that's true or not remains to be seen.
DataBreaches has not received any reply as yet from Tipalti, but a reader kindly sent us a link to an Israeli news source that did obtain a statement from them:
מטיפלתי נמסר: "אנחנו מכירים את הטענה הזו וחוקרים אותה. אנחנו לוקחים בכל החומרה והחשיבות את בטחון מידע לקוחותינו. נכון לרגע זה לא זיהינו כל אובדן מידע או פריצה למערכות שלנו".
In Yandex translation:
A spokesman said: "We are aware of this allegation and are investigating it. We take the security of our customers' information with the utmost seriousness and importance. At this time, we have not detected any data loss or breach of our systems."
The listing for plastic surgeon Dr. Jaime Schwartz has reappeared on the Hunters International leak site. Dr. Schwartz has not responded to multiple inquiries since October about this incident and there is no substitute notice or statement on his website -- even though patient data was already being leaked.
> 200 #mobsters in #Italy sentenced to 2200 yrs in prison in 1 of country's largest mob trials, involving 400 lawyers & 900 witnesses. After deliberating for a month, 3-judge panel took ~ 2 hrs 2 hand down rulings today. Mobsters were affiliated w/ notorious 'ndrangheta crime group & convicted o #Mafia association, #extortion, #bribery, & 5 #murders. 207 were jailed, incl 1-time #ForzaItalia lawmaker, frmr police chief, & 1 ex-Mayor, while more than 100 were acquitted
There's an update on the #databreach affecting Jeffco Public Schools in Colorado.
The hackers sent me copies of correspondence with the district in which they reduced their demand to $2k because they want to prove that if paid, they will destroy data and not leak it.
So far, the district hasn't responded to their emails and the hackers just emailed thousands of parents. They are giving the district a 24-hour extension on the 5 pm deadline today to respond to them.
In response to some questions from concerned readers, I contacted SingularityMD with some additional questions about the Jeffco Public Schools attack. I have updated my latest post at:
It seems that Infinite Campus and Google are trying to address some the issues these hacks and media coverage have raised. But how many more districts will become victims before these issues are really addressed?