Phishing Watchdog – Stay Safe with Instant Alerts


Hackers Scrape 90,000 GETTR User Emails, Surprising No One

6th July 2021 | Target: Gettr | Reported Here

Hackers were able to scrape the email addresses and other data of more than 90,000 GETTR users.

On Tuesday, a user of a notorious hacking forum posted a database that they claimed was a scrape of all users of GETTR, the new social media platform launched last week by Trump’s former spokesman Jason Miller, who pitched it as an alternative to “cancel culture.” The data seen by Motherboard includes email addresses, usernames, status, and location.


[above via Vice post] Update 1 / Update 2


Ransomware Attacks Hits PractiseFirst

5th July 2021 | Target: Practicefirst | Reported Here

Practicefirst, an Amherst, New York-based medical management services provider, on July 1 reported to federal regulators a breach that occurred late last year.

The company’s breach notification statement appears to indicate that the firm paid a ransom in exchange for promises that the attackers would destroy and not further disclose files stolen in the incident.


[above via Govinfosecurity post] Update 1


16k L&I Workers’ Data Compromised

2nd July 2021 | Target: Pacific Market Research (PMR) | Reported Here

Sensitive information on over 16,000 workers may have been exposed in a ransomware attack on a Renton market research company’s data system.

Pacific Market Research (PMR) “recently notified” the Washington state Department of Labor and Industries, one of its clients, about the May 22 attack, according to a Thursday L&I news release.

An unauthorized party accessed PMR’s network and encrypted their servers during the attack, affecting an L&I file with sensitive information, according to the release.


[above via The Olympian post] Update 1


Ransomware Hits Arthur J. Gallagher (AJG)

2nd July 2021 | Target: Arthur J. Gallagher (AJG) | Reported Here

Arthur J. Gallagher (AJG), a US-based global insurance brokerage and risk management firm, is mailing breach notification letters to potentially impacted individuals following a ransomware attack that hit its systems in late September.

“Working with the cybersecurity and forensic specialists to determine what may have happened and what information may have been affected, we determined that an unknown party accessed or acquired data contained within certain segments of our network between June 3, 2020 and September 26, 2020,” AJG said.


[above via Bleeping Computer post] Update 1


REvil ransomware hits 200 companies in MSP supply-chain attack

2nd July 2021 | Target: Kaseya | Reported Here

In a statement late Friday evening, Kaseya CEO Fred Voccola confirmed that the company’s Incident Response team caught wind of the attack mid-day and immediately shut down their SaaS servers as a precautionary measure, despite not having received any reports of compromise from any SaaS or hosted customers.

“[We] immediately notified our on-premises customers via email, in-product notices, and phone to shut down their VSA servers to prevent them from being compromised. We then followed our established incident response process to determine the scope of the incident and the extent that our customers were affected,” Voccola said.


[above via Zdnet post] Update 1 / Update 2


Microsoft’s Halo dev site breached using dependency hijacking

29th June 2021 | Target: Microsoft | Reported Here

Microsoft has actually once more been efficiently struck by a dependency hijacking assault.

Previously, as initially reported by BleepingComputer, a scientist had morally hacked over 35 significant technology companies, consisting of Microsoft, by manipulating a weak point called “dependency confusion.”

This month, one more scientist discovered an npm interior dependency being made use of by an open-source task.


[above via Techtwiddle post] Update 1


Technisanct has disclosed serious data breach

25th June 2021 | Target: Technisanc | Reported Here

Kochi-based cybersecurity and big data startup, Technisanct, has disclosed ‘serious data breach’ in a trading platform in India. Information of over 3.4 million customers were compromised, according to a statement from the cybersecurity startup. Personal Identifiable Information (PII) which includes name, customer ID, contact number, email ID, trade login ID, branch ID, city and country were leaked. The security breach was identified by Technisanct’s digital risk monitoring tool ‘Integrite’.

The data of the customers has been kept for sale on a data-sharing platform for 8 of their credits. The information was published on June 15 and the incident was reported to CERT by Technisanct.


[above via The Week post] Update 1 


Fleury hit by REvil ransomware attack

23rd June 2021 | Target: Fleury Medical Diagnostics | Reported Here

This week, Brazilian healthcare giant Grupo Fleury suffered a ransomware attack. Business operations were impaired up to the point that systems had to be shut down, leaving patients unable to book appointments for labs and other medical examinations online.

On the 22nd of June, the Grupo Fleury website began displaying a warning message, alerting to the fact that its systems were suffering an attack, but that the company was doing its best to remediate the damage. The message also stated that “the causes of this unavailability originated from the attempted external attack on [their] systems, which are having operations re-established with all the resources and technical efforts for the rapid standardization of services.”


[above via It Security Guru post] Update 1 


Fertility clinic discloses data breach exposing patient info

20th June 2021 | Target: Fertility Clinic | Reported Here

A Georgia-based fertility clinic has disclosed a knowledge breach after recordsdata containing delicate affected person data have been stolen throughout a ransomware assault.

Reproductive Biology Associates, LLC, (RBA) is a fertility clinic that recruits egg donors, retrieves eggs, and shops them for later use by recipients, together with these utilizing the MyEggBank service.


[above via Technicalripon post] 


Wegmans notifies customers of data breach

18th June 2021 | Target: Wegmans | Reported Here

Wegmans Food Markets were hit with a database breach that exposed customers’ information — name, address, email, birth date — but no social security numbers or financial information.

The Rochester, New York supermarket said in a press release that “a previously undiscovered configuration issue” led to two of its internal cloud databases being inadvertently left open to potential outside access. The company said it notified its customers that no financial information or social security numbers were involved since the company doesn’t collect or store that data.


[above via Pymnts post] Update1 / Update 2