Tag Archive for: records

Ransomware crooks steal 3m+ patients’ medical records, personal info • The Register

/in


Several California medical groups have sent security breach notification letters to more than three million patients alerting them that crooks may have stolen a ton of their sensitive health and personal information during a ransomware infection in December.

According to the Southern California health-care organizations, which include Regal Medical Group, Lakeside Medical Organization, ADOC Medical Group, and Greater Covina Medical, the security breach happened around December 1, 2022. 

“After extensive review, malware was detected on some of our servers, which a threat actor utilized to access and exfiltrate data,” according to a notice posted on Regal’s website and filed with the California Attorney General’s office [PDF]. 

The medical outfit said it hired third-party incident responders to assist and worked with security vendors to restore access to its systems and determine what data was impacted.

Judging from the filings with various state and federal agencies, the news wasn’t good. 

Extortionists stole, among other things, from the medical groups: patients’ names, social security numbers, addresses, dates of birth, diagnosis and treatment information, laboratory test results, prescription data, radiology reports, health plan member numbers, and phone numbers.

And according to the US Department of Health and Human Services, which is investigating the database breach, it affected 3,300,638 people. 

“Regal is taking steps to notify potentially impacted individuals of this breach to ensure transparency,” the company’s notification stated, adding it notified law enforcement and regulatory agencies about the ransomware attack.

Regal did not immediately respond to The Register‘s questions, including who is responsible for the attack and how they gained entry, how much money the crooks demanded and whether the health network paid the ransom.

As is typically the case in these types of incidents, the medical groups say they will pay for affected customers to receive one year of Norton LifeLock credit monitoring. They also urged patients to register a fraud alert with various credit bureaus, and closely monitor account statements as well as explanation of benefit…

Source…

200M Twitter records released on hacking forum

/in


Data relating to more than 200 million Twitter Inc. users have been published on a hacking forum two weeks after data relating to 400 million Twitter users was offered for sale on the same forum.

The data is available to download from BreachForums, the successor site to the now-shuttered RaidForums. The listing describes the data as a “DB/Scrape Leak,” meaning that the data was gathered through access to Twitter and scraping public information. The database includes email addresses, names, screen names, the number of followers each Twitter user has and the date each joined Twitter.

Although the listing comes from a different user than the previously offered 400 million Twitter records, Privacy Affairs claimed today that the data appears to be from the same source. The earlier data was believed to have been gathered by exploiting an application programming interface vulnerability that Twitter fixed in January 2022.

The database includes information on notable Twitter users such as Alphabet Inc. Chief Executive Office Sundar Pichai, Donald Trump Jr. and SpaceX Inc.

Bleeping Computer reported that the database still includes duplicates. Some of the sample data provided has also been confirmed to be legitimate.

A second listing from a different user on Breach Forums claims to have taken the same data dump and cleaned it up, including removing duplicates. The second listing also claims that the records indicate that the information was collected from early November 2021 through Dec. 14, 2021.

“This is a common example of how an unsecured API that developers design to ‘just work’ can remain unsecured because when it comes to security, what is out-of-sight is often out-of-mind,” Jamie Boote, associate software security consultant at application security company Synopsys Inc.’s Software Integrity Group, told SiliconANGLE. “Humans are terrible at securing what they can’t see.”

Sammy Migues, principal scientist at Synopsys Software Integrity Group, noted that the core of the story are the issues around API security.

“As cloud-native app development explodes, so does the world of refactoring monolithic apps into hundreds and thousands of APIs and…

Source…

2022 set to break hacking records as DeFI protocols lose $760m in October

/in


2022 is on course to be a record year for crypto hacking as a record amount of digital assets were stolen via crypto hacks in October.

According to data from blockchain security firm PeckShield released on Monday, about $760 million worth of crypto value was looted by hackers and cybercriminals in 44 incidents that affected 53 protocols in October.

However, some of the exploited protocols recovered $100 million, a fraction of that sum within the same period.

PeckShield reported that $2.98 billion of crypto assets had been stolen in 2022, almost double $1.55 billion, the total value of crypto stolen in 2021,  

The biggest exploit of this ‘Hacktober’ was the BNB Chain hack which resulted in a loss of $586 million alone. Earlier in October, the BNB chain executed a hard fork to restore security after an unknown hacker stole $100 million via a vulnerability in the platform’s cross-chain bridge.

Binance co-founder and CEO Changpeng Zhao (“CZ”) disclosed that hackers accessed a cross-chain bridge where users transfer digital assets from one blockchain to another. The hackers created 2 million BNB tokens out of thin air.

The PeckShield report listed the Mango Markets Defi protocol as the second biggest loser in October. However, the exploiter agreed to return some of the funds.

Related post: $117m stolen in Mango Market hack 

March had recorded the highest loss because oo crypto hacks before October, with around $710 million stolen. Most of this was due to the Ronin Bridge hack, which resulted in $625 million in crypto assets being pilfered.

Causes of the hacks 

There are several causes for the high volume of crypto hacks in October. The leading causes include wallets compromised by profanity hacks, Blockchain bridge vulnerabilities, insecure smart contract codes, the unaccounted-for game theory behind protocol functionality, exploited cross-chain bridges, and oracle price manipulation.

For the crypto lender, Mango Markets, the attacker, Avraham Eisenburg, claimed actions behind the exploit were legal after an oracle price manipulation. Following a community vote, an agreement was struck, and Eisenburg walked away with $47 million…

Source…

Indians Are Being Monitored By A Cloned WhatsApp Software That Records Audio And Video 2022

/in


Indians are being monitored by a cloned WhatsApp software that records audio and video 2022

Among the most used apps in India is WhatsApp. More than 400 million Indians actively use the Meta-owned app. Several WhatsApp clone apps are online, even if the original app is free. These clone apps offer some functionalities that are now unavailable on WhatsApp. GB WhatsApp is one such software. According to reports, an unofficial WhatsApp clone software is monitoring the discussions of Indian users.

whatsapp's cloned application spying on indians through recording video audio

According to the data (via) published by cybersecurity research company ESET, India is one of the countries with the highest rates of Android trojan detections. Even if GB WhatsApp cannot be downloaded from the Play Store, it may be set up using an APOK file.

There is no other private communication platform like WhatsApp in India and the entire world. The Facebook-owned American freeware pass messaging application boasts 2 billion monthly users in 180 nations. It is undoubtedly the most widely used messaging service in the world, with an estimated 65 billion texts being exchanged daily and 2 billion seconds of voice and video conversations made daily in 2018.

With 400 million active users, India is WhatsApp’s largest market. In addition to becoming free, WhatsApp is easy to use and enables the sending of text, audio, and video messages and documents. Fresh analysis has cautioned that a cloned, third-party, unapproved edition of WhatsApp is dominating in the country in terms of spying on people’s chats and that India is one of the nations with the highest amount of Android malware detections.

whatsapp: how to use two different accounts on one phone in 4 steps

Most importantly, though, it guarantees end-to-end encryption for all texts and calls, ensuring users of their privacy and the secrecy of their communications. They are not viewable or listenable to anyone outside of this conversation, not even WhatsApp.

The texting service’s previous reputation for confidentiality is now in doubt in India. Beyond protecting content from being communicated and kept on its service from illegal users and exploitation, serious questions are being raised regarding WhatsApp’s capability to safeguard a person’s privacy.

Ironically, a slew of unrelated recent…

Source…