PrivacySignal
← Front page
Breach

CISA Admin Leaked AWS GovCloud Keys on Github

Krebs on Security · · International · Data Breaches

Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.

Who should care: Cybersecurity · Privacy officers · Administrators

#breach
Read the original at Krebs on Security → Browse the archive

This summary is AI-assisted and may contain errors. It is an original briefing to help you gauge significance quickly — not a reproduction of the source. Always read the linked original before relying on it. See our methodology.

Related stories

Breach
DataBreaches.net · · International

Russian Hackers Behind the $2.5 Billion Jaguar Land Rover Cyberattack, Investigators Say

Rex Edison reports A single cyberattack dented an entire country’s GDP. The Cyber Monitoring Centre estimates that the ransomware assault on Jaguar Land Rover cost the UK economy £1.9 billion — roughly $2.5 billion — rippling through more than 5,000 businesses and dragging car production to levels not seen since 1952. The Bank of England flagged the damage in its economic outlook. Now, after months... Source

Who should care: Cybersecurity · Privacy officers · Administrators

#breach#security Read original →
Breach
DataBreaches.net · · International

First Circuit Affirms Dismissal of Data Breach Class Action for Lack of Traceable Injury

Melanie Conroy of Pierce Atwood LLP writes: The First Circuit recently affirmed dismissal of a putative data breach class action against Bayamón Medical Center (BMC), holding that the plaintiff failed to plausibly allege that her injuries were traceable to the healthcare provider’s 2019 ransomware attack. In Santos-Pagán v. Bayamón Medical Center, the court concluded that allegations... Source

Who should care: Cybersecurity · Privacy officers · Administrators

#breach#security Read original →
Breach
BleepingComputer · · International

Polymarket customers lose $3 million in supply-chain attack

Polymarket says it will fully reimburse customers who lost an estimated $3 million after hackers injected a malicious script into the platform's frontend following a breach at a third-party vendor. [...]

Who should care: Cybersecurity · Privacy officers · Administrators

#breach Read original →
Breach
HIPAA Journal · · US Federal

Okanogan Behavioral Healthcare Settles Class Action Data Breach Lawsuit

Okanogan Behavioral Healthcare, a Washington-based mental and behavioral health provider, has reached a class action settlement following a data breach that exposed patient information. The settlement resolves claims brought by affected individuals whose personal and health data was compromised.

Why this matters: Breaches at behavioral health providers are particularly sensitive, as exposed data can include mental health diagnoses, treatment histories, and substance use records — information that carries stigma and potential consequences for employment, custody, or insurance if disclosed.

Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance · Healthcare professionals

#breach#enforcement#healthcare Read original →