PrivacySignal
Breach

New Spirals ransomware encrypts victim network in under 24 hours

BleepingComputer · · International · Data Breaches

A new ransomware actor called Spirals completed a corporate intrusion, from initial access to data theft and encryption, in less than 24 hours. [...]

Who should care: Cybersecurity · Privacy officers · Administrators

This summary is AI-assisted and may contain errors. It is an original briefing to help you gauge significance quickly — not a reproduction of the source. Always read the linked original before relying on it. See our methodology.

Related stories

Breach
HIPAA Journal · · US Federal

Vision Care Providers Settle Data Breach Class Actions

Two vision care providers, Total Vision in California and Naperville-area provider Naper Vision, have agreed to settlements resolving class action lawsuits stemming from data breaches. The cases were brought under health data privacy frameworks, with affected patients seeking compensation for the exposure of their personal and medical information.

Who should care: Cybersecurity · Privacy officers · Administrators · Healthcare professionals · Compliance

#breach#healthcare Read original →
Breach
Microsoft Threat Intelligence · · International

Unpacking the AsyncAPI npm supply chain compromise and import-time payload delivery

Threat actors compromised AsyncAPI packages and weaponized trusted CI/CD workflows to distribute malware through npm. This analysis breaks down the attack chain, payload delivery, and recommended defenses. The post Unpacking the AsyncAPI npm supply chain compromise and import-time payload delivery appeared first on Microsoft Security Blog.

Who should care: Cybersecurity · Privacy officers · Administrators

#breach#security Read original →
Breach
DataBreaches.net · · International

Calgary 911 employee charged with breach of trust

A City of Calgary 911 employee has been charged with breach of trust after an investigation found she allegedly accessed and shared confidential information outside authorized channels. Calgary police say the investigation began in January following internal allegations about the unauthorized disclosure of sensitive data.

Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance

#breach#enforcement Read original →
Breach
DataBreaches.net · · International

WilmerHale Sued Over Client Personal Information Data Breach

A putative class action filed in federal court in Washington, D.C. accuses prominent law firm WilmerHale of negligence and breach of contract following a May data breach that allegedly exposed the personal information of thousands of clients. The plaintiffs are seeking millions of dollars in damages.

Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance · General readers · Policy

#breach#enforcement#privacy Read original →
Breach
The Record · · International

23andMe reaches $18 million settlement with states for massive breach

A coalition of 42 state attorneys general has reached an $18 million settlement with genetic testing company 23andMe over cybersecurity failures that resulted in a large-scale data breach. The settlement resolves multistate legal action stemming from the company's failure to adequately protect user data.

Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance

#breach#enforcement Read original →
Breach
DataBreaches.net · · International

Files relating to India’s largest nuclear power plant Kudankulam exposed in data breach

Munsif Vengattil and Aditya Kalra Ransomware group World Leaks has posted on the dark web a huge cache of files related to India’s largest nuclear plant, including purported blueprints of parts of its ​facilities and supplier details — information it labelled as coming from Reliance Group. The Kudankulam Nuclear Power Plant, located in the southern... Source

Who should care: Cybersecurity · Privacy officers · Administrators

#breach#security Read original →