Tag: identity theft

  • Ascension Healthcare Data Breach Exposes Information of Over 430,000 Patients

    Ascension, one of the largest private healthcare systems in the United States, has confirmed that a recent data breach has compromised the personal and healthcare information of over 430,000 patients. The breach was disclosed in notification letters sent to affected individuals in April, revealing that the data was stolen during a cyber incident affecting a former business partner of the organization earlier in December.

    The breach allowed attackers to access sensitive personal health information, including details about inpatient visits, such as physician names, admission and discharge dates, diagnosis, billing codes, and medical record numbers. Additionally, personal details such as names, addresses, phone numbers, email addresses, dates of birth, race, gender, and Social Security numbers (SSNs) were also exposed.

    Ascension stated in a public communication, “On December 5, 2024, we learned that Ascension patient information may have been involved in a potential security incident. Our investigation determined on January 21, 2025, that Ascension inadvertently disclosed information to a former business partner, and some of this information was likely stolen from them due to a vulnerability in third-party software used by the former business partner.”

    The incident has particularly impacted individuals in Texas and Massachusetts, where the totals are reported as 114,692 and 96 respectively. Although Ascension initially withheld the exact number of affected individuals, an April 28 filing with the U.S. Department of Health & Human Services (HHS) later revealed that 437,329 individuals were impacted by the breach.

    To assist those affected, Ascension is offering two years of complimentary identity monitoring services, which include credit monitoring, fraud consultation, and identity theft restoration services. Despite this, details surrounding the breach affecting the former business partner remain sparse, though experts suggest that it may be linked to a series of ransomware attacks exploiting a critical flaw in Cleo secure file transfer software.

    Only last year, Ascension notified nearly 5.6 million patients and employees of a major ransomware attack attributed to the Black Basta group, which resulted from an employee inadvertently downloading a malicious file. This incident significantly disrupted Ascension’s operations, forcing staff to revert to manual record-keeping and halt non-emergency medical services.

    With a workforce exceeding 142,000, Ascension operates 142 hospitals and 40 senior care facilities across North America and reported revenues of $28.3 billion in 2023. As the healthcare industry grapples with increasing cyber threats, Ascension’s incident underscores the need for stringent data security measures.

  • Major Data Breach Exposes Personal Information of 5.5 Million Patients at Yale New Haven Health

    In a significant security incident, Yale New Haven Health, the largest healthcare system in Connecticut, has reported a data breach impacting more than 5.5 million individuals. The breach, which has come to light after a legally mandated disclosure, occurred on March 8 and involved the illicit acquisition of sensitive patient information by malicious hackers.

    According to the healthcare system’s disclosures, the compromised data encompasses a range of personal information including names, dates of birth, postal and email addresses, phone numbers, and in some cases, Social Security numbers. Importantly, while the breach led to the exposure of personal details, it was confirmed that electronic medical records and payment information were not accessed. The ongoing investigation may still reveal further individuals affected by the breach.

    Already facing considerable scrutiny, Yale New Haven Health has enlisted the expertise of cybersecurity firm Mandiant to assist with investigating the breach. In a proactive response, the health system initiated notification letters to affected individuals starting April 14 and has offered credit monitoring and identity theft protection services to those whose data was compromised. This effort highlights the growing necessity for robust data protection measures in light of increasing cyberattacks targeting healthcare institutions.

    As the healthcare sector grapples with rising vulnerabilities to cyberattacks, this incident underscores the ongoing challenges in securing sensitive personal information. Similar breaches have occurred across the sector, affecting institutions like United Health and Ascension Health. Cybersecurity experts warn that the stolen information can be exploited for financial fraud and identity theft, emphasizing the importance of extensive safeguarding practices within healthcare settings.

  • TicketToCash Database Leak Exposes Personal Information of 520,000 Customers

    In an alarming incident, TicketToCash, a prominent online platform for reselling event tickets, has suffered a data breach due to a misconfigured database that exposed sensitive information of approximately 520,000 customers. Cybersecurity researcher Jeremiah Fowler uncovered a 200GB database that was publicly accessible without any password protection. The breach includes not only basic user details like names and email addresses but also partial credit card information and physical addresses related to concert and event tickets.

    Fowler’s investigation revealed that the compromised data contained extensive Personally Identifiable Information (PII) along with financial details. The exposed records included not just customer names and email addresses, but also crucial data such as credit card numbers and home addresses, raising significant concerns regarding privacy and security.

    Despite receiving a disclosure notice from Fowler, TicketToCash’s response was lackluster: the database remained unprotected for four days after the initial warning. According to Fowler, a second alert prompted the company to finally secure the database, but the delay highlights serious lapses in the management of sensitive user data.

    Cybersecurity experts warn that such vulnerabilities can lead to increased risks of phishing, identity theft, and potentially fraudulent activities. Fowler emphasized the long-term implications of the leaked data, citing a report that shows a notable increase in ticket scams affecting consumers in secondary markets, which underscores the urgency for platforms like TicketToCash to bolster their data protection protocols.

    The ownership and management of the breached database remain unclear. It is uncertain if TicketToCash directly managed it or if a third-party contractor was involved, further complicating the issue of accountability in handling user data. Users are advised to remain vigilant against potential scams and to update their security measures, including passwords and authentication methods.

  • WK Kellogg Co Reports Data Breach Linked to Clop Ransomware Gang

    WK Kellogg Co, a prominent American food manufacturer, has notified employees and vendors of a significant data breach that occurred in connection with the Cleo file transfer software. The breach, which was first discovered on February 27, 2025, involved unauthorized access to sensitive data due to two zero-day vulnerabilities exploited by the Clop ransomware gang at the end of last year.

    The breaches, linked to the vulnerabilities tracked as CVE-2024-50623 and CVE-2024-55956, allowed attackers to compromise servers managed by Cleo. According to a company notice, Cleo confirmed that an unauthorized individual gained access to their servers on December 7, 2024, which were utilized for transferring employee files to human resources service vendors. The details of the breach were shared in a notification sent to the authorities.

    The data breach has severe implications, as it exposes sensitive information such as names and Social Security numbers of individuals. WK Kellogg has taken steps to mitigate the impact, offering affected individuals a one-year subscription to identity monitoring and fraud protection services through Kroll. They have also recommended placing fraud alerts or a security freeze on credit files.

    In an effort to bolster security, Kellogg has indicated that they are working closely with Cleo to implement improved security measures to prevent similar incidents in the future. The company, which split from Kellogg’s in 2023, has an annual revenue of approximately $2.7 billion and is known for popular cereal brands including All-Bran, Corn Flakes, Froot Loops, and Frosted Flakes.

    This breach is part of a troubling trend, as WK Kellogg becomes the latest entity affected by Clop ransomware, adding their name to a growing list of victims targeted by this cybercriminal group. Earlier reports indicated that Western Alliance Bank faced a data breach affecting 22,000 customers due to the same vulnerabilities in Cleo’s software.

  • Florida Man Pleads Guilty in High-Profile Cryptocurrency Theft Linked to Scattered Spider Gang

    A 20-year-old Florida man has pleaded guilty to multiple charges related to significant cryptocurrency thefts, amounting to hundreds of thousands of dollars. Noah Michael Urban, known online by several aliases including ‘King Bob,’ was linked to the infamous Scattered Spider hacking group. According to court documents, Urban admitted to committing SIM swap fraud, aggravated identity theft, and stealing over $800,000 in Bitcoin and Ethereum from five victims whose digital wallets were compromised.

    Prosecutors revealed that Urban, along with other members of the Scattered Spider gang, orchestrated a scheme to steal personal information from victims to hijack their phone numbers. The unauthorized access enabled them to take control of the victims’ online accounts and manipulate their cryptocurrency wallets to carry out the theft. This method highlights a growing trend in cybercrime where social engineering is exploited to bypass security measures.

    The criminal organization, Scattered Spider, has become notorious for its audacious attacks, including high-profile breaches at major Las Vegas casinos such as MGM Resorts and Caesars Entertainment. The gang posed as IT staff to deceive employees into revealing login credentials or gaining unauthorized access to internal systems.

    Urban gained infamy beyond the realm of cryptocurrency for leaking tracks from well-known music artists, including Ariana Grande and Playboi Carti, by breaching accounts of music industry executives, as covered in a report by Krebs on Security. His rapid rise in notoriety was accompanied by an aggressive approach to cybercrime, which ultimately led to his arrest in January 2024, when law enforcement stormed his residence.

    During the raid, authorities reported that Urban attempted to delete his computer data and social media history, indicating a desperate effort to destroy evidence of his criminal activities. As part of his plea agreement, he must not only forfeit his jewelry and currency but also pay $13 million in restitution to compensate 59 victims for their losses. Urban is expected to receive his sentence within the next 75 days.

    While Urban faces legal repercussions, charges against other alleged members of the Scattered Spider gang remain active. Some of Urban’s associates are believed to be operating from various international locations, seemingly unaffected by the ongoing investigation.