Data Breach
-
SimonMed says 1.2 million patients impacted in January data breach
SimonMed Imaging said more than 1.2 million people were affected by a data breach that gave attackers access to its network from Jan. 21 to Feb. 5; Medusa ransomware claimed the theft and the company said it found no evidence of misuse as of Oct. 10.
-
DraftKings warns accounts breached in credential stuffing attacks
DraftKings said an undisclosed number of customer accounts were accessed in credential stuffing attacks that exposed a limited set of account details; the company is requiring password resets, urging multifactor authentication and advising customers to monitor financial and credit accounts.
-
Misconfigured Rainwalk Pet database left 158 GB of owner and pet records exposed
A misconfigured Rainwalk Pet database exposed about 158 GB of customer and pet records, including names, contact details, partial credit card numbers, veterinary bills and microchip numbers, the article said; the data remained publicly accessible for almost a month before being secured.
-
Discord says support vendor breach exposed customer data
Discord said a compromised third-party customer support vendor exposed support tickets and personal details, including billing data and ID images, and that it cut the vendor’s access, launched an investigation and notified law enforcement.
-
Renault and Dacia inform UK customers of data exposure after third‑party breach
Renault and Dacia told UK customers that personal data held by a third‑party provider was taken in a cyberattack, exposing names, contact details and vehicle identifiers; Renault said banking data was not exposed and declined to name the supplier or say how many customers were affected.
-
Breach of RemoteCOM surveillance service exposes records of nearly 14,000 monitored people
A breach of RemoteCOM’s SCOUT monitoring system exposed nearly 14,000 records of people under court supervision and contact details for thousands of officers, with leaked files showing device monitoring data, activity alerts and fees for monitored individuals.
-
Volvo North America confirms employee data exposure after Miljödata ransomware attack
Volvo North America confirmed that attackers accessed employee data after its HR-system provider Miljödata was hit by a ransomware attack, exposing names and Social Security numbers and affecting a wide network of Swedish municipalities and institutions.
-
Archer Health data breach exposes 145,000 patient records in publicly accessible database
A California-based in-home health provider, Archer Health Inc., left a 23 GB cache of medical and personal data publicly accessible, exposing more than 145,000 files including patient names, SSNs and medical histories. The database was secured within hours after a cybersecurity researcher alerted investigators, and the company says it is investigating the incident, which underscores…
-
Boyd Gaming Discloses Data Breach After Cyberattack; Employee Data Among Those Compromised
Boyd Gaming disclosed a cyberattack in a Form 8-K, stating attackers gained access to its systems and stole employee data and data belonging to a limited number of other individuals. The company says operations and financial condition are not affected, has engaged external cybersecurity experts and notified law enforcement, and no group has claimed responsibility.
-
Stellantis confirms data breach via third-party provider exposing customer emails
Stellantis disclosed that attackers breached a North American third-party customer-service partner, exposing only customer names and email addresses. The company launched an investigation, notified law enforcement, and urged affected customers to watch for phishing, as the auto maker navigates broader industry disruption linked to a separate JLR cyberattack.
