New York public health provider NYC Health + Hospitals says a months-long data breach that allowed hackers to steal personal data, medical records, and fingerprints scans affects at least 1.8 million people.
NYCHHC is the largest public health system in the United States and provides healthcare to over a million New Yorkers, the majority of whom are uninsured or receive state healthcare benefits, such as Medicaid.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Illinois Tollway warns I-PASS customers of text message phishing scam
March 26, 2024
The Illinois Tollway is warning customers of an ongoing phishing scam that is targeting drivers by saying that they have outstanding tolls owed to the agency. According to a press release, the Tollway says that some customers have been receiving text messages from the “Illinois toll way,” detailing outstanding toll amounts that the customers owed. Those ...
- YouTube ordered to reveal the identities of video viewers
March 26, 2024
Federal US authorities have asked Google for the names, addresses, telephone numbers, and user activity of accounts that watched certain YouTube videos, according to unsealed court documents Forbes has seen. Of those users that weren’t logged in when they watched those videos between January 1 and 8, 2023, the authorities asked for the IP addresses. The ...
- Agenda Ransomware Propagates to vCenters and ESXi via Custom PowerShell Script
March 26, 2024
Since its discovery in 2022, the Agenda Ransomware group (also known as Qilin) has been active and in development. Agenda, which Trend Micro tracks as Water Galura, continues infecting victims globally with the US, Argentina, and Australia, and Thailand being among its top targets (based on the threat actor’s leak site data). Meanwhile the Agenda ransomware ...
- Bringing Access Back — Initial Access Brokers Exploit F5 BIG-IP (CVE-2023-46747) and ScreenConnect
March 21, 2024
During the course of an intrusion investigation in late October 2023, Mandiant observed novel N-day exploitation of CVE-2023-46747 affecting F5 BIG-IP Traffic Management User Interface. Additionally, in February 2024, Mandiant researchers observed exploitation of Connectwise ScreenConnect CVE-2024-1709 by the same actor. This mix of custom tooling and the SUPERSHELL framework leveraged in these incidents is assessed ...
- DHS and DG CONNECT Announce Initiative Comparing Cyber Incident Reporting to Better Align Transatlantic Approaches
March 20, 2024
WASHINGTON – Today, the US Department of Homeland Security (DHS) and European Commission’s Directorate General for Communications, Networks, Content, and Technology (DG CONNECT) announced an initiative to compare cyber incident reporting elements that will inform cyber incident reporting requirements by the US, and European Union (EU) under the NIS 2 Directive. This transatlantic collaboration between the ...
- The ‘AT&T breach’ – what you need to know
March 20, 2024
Earlier this week, the data of over 70 million people was posted for sale on an online cybercrime forum. The person selling the data claims it stems from a 2021 breach at AT&T. Back in 2021, a hacker named Shiny Hunters claimed to have breached AT&T and put the alleged stolen data up for sale for ...