On February 23, HHS received a breach submission from Weill Cornell Medicine in New York. The submission reported that 516 patients were affected by an incident involving Unauthorized Access/Disclosure of data in Electronic Medical Records (EMR). DataBreaches emailed the hospital to request an explanation and received the following statement from a spokesperson: After thorough investigation,…
Cyber OpSec Fail: Beast Gang Exposes Ransomware Server
Robert Lemos writes: An open server hosted on a German cloud provider’s systems has been discovered, containing the entire toolset of a member of the Beast ransomware group. The find exposes the tactics, techniques, and procedures of the threat actor, but also reveals that Beast shares many of those TTPs with other ransomware gangs. According…
Strengthening Cybersecurity in Canada’s Municipal Sector: A Verified Analysis
From the Nonprofit Tech Support: When the City of Hamilton suffered a ransomware attack on February 25, 2024, it marked a sobering milestone in Canadian municipal cybersecurity. The attack crippled roughly 80% of Hamilton’s network, impacting services from business licensing to the fire department’s records. Attackers demanded an $18.5 million ransom, which the city refused…
Jaguar Land Rover’s cyber bailout sets worrying precedent, watchdog warns
Carly Page reports: The UK’s cyber watchdog has warned that the government’s £1.5 billion bailout of Jaguar Land Rover (JLR) risks setting a troubling precedent for how Britain handles major cyber crises. Speaking at an event marking the Cyber Monitoring Centre’s (CMC) first operational year, Ciaran Martin, chair of the CMC’s technical committee and a distinguished fellow…
Global cybercrime crackdown: over 373,000 dark web sites shut down
From Europol, some impressive results: On 9 March 2026, a global operation led by German authorities and supported by Europol was launched against one of the largest networks of fraudulent platforms in the dark web. The investigation began in mid-2021 against the dark web platform “Alice with Violence CP”. During the investigation, authorities discovered that…
University College of Dublin staff member due in court over accessing student data
Paul Reynolds provides today’s reminder of the insider threat. This one involves a univeristy in Dublin, Ireland. A UCD staff member is due in court this morning charged in connection with unlawfully accessing student data at the college. The man, who is in his 50s, was arrested this morning following an investigation by the Garda…