Blogger/journalist at databreaches.net and pogowasright.org. As a retired healthcare professional, breaches in the healthcare sector are my priority.
The header pic is Indy, a Siberian husky we rescued in 2016 after I read how nobody wanted her because she was so difficult. She is now living her best life and is a mushball with me.
| #DataBreaches | https://www.databreaches.net |
| #Privacy | https://www.pogowasright.org |
| Have a news tip? | Signal: Dissent.73 |
| [email protected] | |
| [email protected] | |
| Pronouns | She/Her |
It seems Vect has partnered with Hasan's BF clone (breached[.]st) and is making everyone registered for the forum an affiliate of vect ransomware. They also announced they are partnering with TeamPCP and plan to deploy ransomware across all victims of the Trivy/LiteLLM compromises.
The kids have big dreams, it seems.
How much will they actually follow through on? Place your bets...
Most of us have probably read that one reason not to pay threat actors is that they cannot be trusted to keep their word to delete data they have exfiltrated. But how often does that actually occur?
I have sent inquiries to a number of incident response/negotiation firms and the DOJ. If I did not send one to your firm and your firm handles a lot of negotiations and payments, please accept my apologies for not having contacted you, and answer the following question (either publicly or via a private message to me):
In what percentage of cases where payment was made to delete data, did threat actors break their word and not delete it?
Please feel free to share this post with others here and elsewhere to boost my chances of getting additional responses/estimates. Thank you all.
#incidentresponse #ransom #extortion #ransomware #databreach
@amvinfe @PogoWasRight @zackwhittaker @campuscodi @euroinfosec
That was a good read.
I’m guessing their lawyers probably told them that legally it was a HIPAA spill, regardless of the redaction efforts, and any cooperation could probably expose them to even more liability. So from their perspective, there was no benefit in cooperation, even if it might have been the moral choice.
Also NEW by me:
"If threat actors gave you a chance to redact the patient data they hacked before they leak it, would you take them up on the offer? Read about the Woundtech incident."
I've never encountered any threat actors spending so much time redacting patient data before they leak it -- and even giving their victim the opportunity to redact the hacked data tranche before the threat actors leak it.
Read more about this one at:
#databreach #healthsec #woundtech #cybersecurity #redaction #incidentresponse #FulcrumSec
@zackwhittaker @campuscodi @euroinfosec @DysruptionHub @amvinfe
NEW, by me:
3.7 Million Telehealth Patients Allegedly Affected By Two Recent Breaches
An individual calling himself "Stuckin2019" or just "Stuck" claims responsibility for attacks on OpenLoop Health and Zealthy.
The former has notified the California AG's Office, but the latter has not notified any regulator as far as I can determine, and they haven't responded to inquiries.
Read more at:
https://databreaches.net/2026/03/23/3-7-million-telehealth-patients-allegedly-affected-by-two-recent-breaches/
#databreach #healthsec #cybersecurity #OpenLoop #Zealthy #HIPAA
I should send this to every person who's ever said "But why wouldn't you want your car to be 'connected'?".
😆
@PogoWasRight Once again, why do these "smart" devices not have an offline mode?
What if the cell networks go down, or the user drives to a location that does not have coverage?
Completely unacceptable for device manufacturers.
Cyberattack leaves drivers with required breathalyzer test systems in 46 states unable to start their vehicles:
Most of us have probably read that one reason not to pay threat actors is that they cannot be trusted to keep their word to delete data they have exfiltrated. But how often does that actually occur?
I have sent inquiries to a number of incident response/negotiation firms and the DOJ. If I did not send one to your firm and your firm handles a lot of negotiations and payments, please accept my apologies for not having contacted you, and answer the following question (either publicly or via a private message to me):
In what percentage of cases where payment was made to delete data, did threat actors break their word and not delete it?
Please feel free to share this post with others here and elsewhere to boost my chances of getting additional responses/estimates. Thank you all.
#incidentresponse #ransom #extortion #ransomware #databreach
Yeah, I’m not sure I believe them. The screenshots appear to tell a different story. For the record, I’ve documented point of sale systems, and if a user has access to the screens in the screenshots, then they have access to probably all of terminals in Israel. That’s the equivalent of sudo access.
https://cybernews.com/cyber-war/iran-linked-hackers-verifone-stryker-cyberattacks-handala/
DysruptionHub
C.
Walker
MissConstrue