Here’s your weekly #databreach news roundup:
Harbour Plaza hotel, Chicago’s South Shore Hospital, Extend Fertility Clinic, Parasol, Internet Society, Saginaw corporation – Morley Services, Ottawa truckers’ Freedom Convoy, and NSW.
Harbour Plaza Hotel
The Privacy Commissioner for Personal Data ('PCPD') said it had received a #databreach notification from Harbour Plaza Hotel Management Limited, on 9 February 2022, which reported a cybersecurity attack, affecting approximately 1.2 million customers.https://t.co/oXITmWKnd2— DevaOnBreaches (@DevaOnBreaches) February 19, 2022
Hong Kong’s privacy watchdog is investigating a cyberattack against the Harbour Plaza hotel group that exposed the booking details of more than 1.2 million guests.
The Office of the Privacy Commissioner for Personal Data said on Friday that it had received reports from Harbour Plaza Hotel Management Limited two days ago about a cybersecurity incident involving several databases for room reservations.
Given the large number of people affected, the office said it had launched an investigation and had approached the company for more information, including what type of personal data was leaked.
Chicago’s South Shore Hospital
Chicago’s South Shore Hospital has started notifying 115,670 current and former patients about a December 2021 cyberattack on its network. Suspicious activity was identified on its network on December 10, 2021, and prompt action was taken to contain the incident. Emergency protocols were implemented to ensure care could continue to be safely provided to patients.
South Shore Hospital engaged a team of third-party computer forensics experts to investigate the security breach and determine whether patient information was accessed or stolen. The investigation confirmed the attackers gained access to parts of its network where files were stored that contained the protected health information of patients and employee data, including names, addresses, dates of birth, Social Security numbers, health insurance information, medical information, diagnoses, health insurance policy numbers, Medicare/Medicaid information, and financial information.
Extend Fertility Clinic
A fertility clinic based in New York City is notifying patients that their personal data may have been compromised and possibly stolen during a recent cyber-attack.
Extend Fertility, specializing in IVF and freezing eggs and embryos, was hit with ransomware in December 2021. The clinic hired third-party digital forensic specialists to determine the incident’s nature and scope.
“On December 20 2021, we discovered a ransomware incident that impacted our networks and servers which contained protected health and personal information of some of our patients,” said Extend Fertility in a data breach notice.
“After discovering the incident, we quickly took steps to secure and safely restore our systems and operations.”
A month-long investigation into the attack found that cyber-criminals had access to servers on which the protected health information (PHI) and personal data of some of the clinic’s patients was stored.
“The investigation determined that on or about December 15, 2021, an unauthorized individual accessed our systems and likely obtained some information,” said Extend Fertility.
IT contractors are taking it upon themselves to investigate whether their personal data has been compromised in the Parasol umbrella company #databreach, after growing frustrated at the time it is taking the company to provide updates on the situation.https://t.co/ecujt7Tehl— DevaOnBreaches (@DevaOnBreaches) February 17, 2022
IT contractors are taking it upon themselves to investigate whether their personal data has been compromised in the Parasol umbrella company data breach, after growing frustrated at the time it is taking for the payroll processing company to provide updates on the situation.
Computer Weekly has spoken to a handful of systems administrators and IT security contractors, employed through Parasol, who have spent the past few days downloading hundreds of gigabytes of data and thousands of files from the dark web that are known to belong to the company and its subsidiaries.
At the same time, a group action is being prepared by London-based law firm Keller Lenkner to seek compensation for contractors caught up in the breach, with its own data suggesting that some of the leaked data could date back more than 10 years.
The Internet Society (ISOC), a non-profit dedicated to keeping the internet open and secure, has exposed its 80,000-plus members’ personal data on a third-party vendor through an unprotected Microsoft Azure cloud repository.@Ad_Nauseum74https://t.co/YqPYeuIxwg— DevaOnBreaches (@DevaOnBreaches) February 17, 2022
The Internet Society (ISOC), a non-profit dedicated to keeping the internet open and secure, has blamed the inadvertent exposure of its 80,000-plus members’ personal data on a third-party vendor.
The data, which was publicly accessible on an unprotected Microsoft Azure cloud repository, comprised millions of JSON files including, among other things, full names, email and mailing addresses, and login details.
“Based on the size and nature of the exposed repository, we can assume that all of the members’ login and adjacent information was open to the public internet for an undefined period of time,” said cybersecurity firm Clario in a blog post today (February 15).
Helped by independent researcher Bob Diachenko, security researchers from Clario made the discovery and alerted the Internet Society on December 8, 2021. The repository was secured a week later, on December 15.
Diachenko told The Daily Swig that the data was probably exposed for at least one month.
Saginaw corporation - Morley Services
An August data breach at Saginaw-based Morley Services affected more than 521,000 former employees, current employees and customers.
Anyone impacted by the data breach was notified at the beginning of February.
“Morley is not aware of any evidence indicating the misuse of any information potentially involved in this incident,” the business services corporation said in a statement.
Ottawa truckers’ Freedom Convoy
A leak site says it has received a cache of information, including about donors to the Ottawa truckers’ Freedom Convoy protest, after fundraising site GiveSendGo was targeted by hackers overnight.
On Monday, GiveSendGo’s website said it was “under maintenance,” hours after the site was hijacked and redirected to a page believed to be controlled by the hackers, which no longer loads. The redirected page condemned the truckers who descended on Canada’s capital to oppose mandatory COVID-19 vaccinations, causing widespread disruption to traffic and trade for more than a week.
The page also contained a link to a file containing tens of thousands of records of what was described as “raw donation data” about those who donated to the Freedom Convoy.
The addresses of more than 500,000 organisations including defense sites, a missile maintenance unit, and domestic violence shelters were inadvertently made public in the first #databreach of the NSW government’s massive trove of QR code data.@jekearsley https://t.co/EE2KXuMw2p— DevaOnBreaches (@DevaOnBreaches) February 15, 2022
The addresses of more than 500,000 organisations including defence sites, a missile maintenance unit and domestic violence shelters were inadvertently made public in the first major breach of the NSW government’s massive trove of QR code data.
Premier Dominic Perrottet said the information was uploaded in error and the bungle, which has alarmed privacy advocates and women’s safety advocates, “shouldn’t have happened”.