Towards the end of April, officials for the City of Helsinki in Finland discovered some unauthorized activity on their network after an unknown hacker gained remote access through a server vulnerability. During the investigation, it was revealed that a patch was available for the exploited vulnerability but had not been installed, leaving sensitive information for 80,000 students and parents exposed to the hackers. It is believed that sensitive information on city employees was also compromised.
Santander Bank confirms third-party breach
Earlier this week, staff at several regional locations of Santander Bank confirmed that customer data for Chile, Spain, and Uruguay had been compromised during a breach of a third-party hosting provider. Shortly after discovering the breach, officials locked down the affected database and removed unauthorized users, though they also revealed that current and former employees may have been impacted too.
Embargo extortion group leaks 500GB of Australian lender data
Recently, the threat actors behind the Embargo extortion group leaked a data trove that allegedly contains 500GB of data that was stolen from the Australian lender, Firstmac Limited. The following investigation confirmed that an unauthorized user had gained access to their internal systems and accessed a significant amount of personally identifiable information for thousands of Firstmac customers.
Mississippi healthcare provider suffers massive data breach
Following a security incident and subsequent ransomware attack in August of 2023, staff for the Mississippi healthcare provider, Singing River Health System (SRHS) have disclosed to the Maine Attorney General’s Office that sensitive data for nearly 900,000 individuals has been compromised. The investigation revealed that personally identifiable information including financial and health records were affected by the data breach and could be used for additional phishing attacks.
University System of Georgia affected by 2023 MOVEit attack
Nearly one year after the MOVEit file transfer attacks were carried out by the Clop ransomware group, staff at the University System of Georgia (USG) began notifying 800,000 former and current students and staff that their information had been compromised. While the initial MOVEit attacks occurred in May of 2023, affected USG individuals did not begin receiving notices of the breach until Mid-April of 2024, leaving many confused on why it took such a large organization so long to discover the incident and report it properly.
