Week in Breach

In the news this week: highly-sensitive medical conversations accessed from a Swedish health phone line, rogue politicians stir up data breach anarchy in the U.K., restaurant customer credit cards exposed across 100+ establishments in 9 U.S. states, and an Australian hospital faced with ransom demands to unlock stolen files.

Dark Web ID Trends:
Top Source Hits: ID Theft Forums (99%) 
Top Compromise Type: Domain (99%)
Top Industry: Business & Professional Services
Top Employee Count: 11 – 50 Employees

United States – North Country Business Products

Exploit: Malware injection into point-of-sale (POS) systems
North Country Business Products: A Minnesota-based provider of POS systems for the hospitality sector
>> Read full details on our blog.


United States – Memorial Hospital at Gulfport 

Exploit: Phishing
Memorial Hospital at Gulfport: Hospital in Gulfport, Mississippi
>> Read full details on our blog. 


United States – American Consumers

Exploit: Malvertising campaign
American consumers: Users in the U.S. exposed to malicious campaign that garnered over 800 million impressions online
>> Read full details on our blog. 


United States – AdventHealth Medical Group

Exploit: Malware
AdventHealth Medical Group: Taveras, Florida-based health care practice 
>> Read full details on our blog. 


Sweden – Medhelp & Medicall

Exploit: Unencrypted web server
Medhelp & Medicall: Firms administrating a Swedish medical helpline
>> Read full details on our blog. 


United Kingdom – Labour Party

Exploit: Theft of data from member databases
Labour Party: a center-left political party in the United Kingdom
>> Read full details on our blog. 


Australia – Melbourne Heart Group

Exploit: Ransomware
Melbourne Heart Group: Cardiology practice based at the Cabrini Hospital in Malvern, Australia
>> Read full details on our blog. 

 

 

In Other News:

The U.K. has seen its first group litigation case concerning data breach, and the organization in question, the supermarket chain Morrisons, was found vicariously liable for the actions of one of its employees.

A disgruntled employee posted a file on a file-sharing website that included data on nearly 100,000 of his colleagues…

Read more