At a glance.
- Class action suits in the T-Mobile breach.
- AT&T says it wasn't breached by the ShinyHunters.
- St. Joseph’s/Candler returns to full operations as it recovers from ransomware.
Reports: class action suits coming in the matter of the T-Mobile breach.
The T-Mobile breach victim tally now totals more than 50 million, CNET reports, and the first class-action lawsuits were filed last Thursday in the US state of Washington, according to Bloomberg Law. Daruwalla vs. T-Mobile and Espanoza vs. T-Mobile both allege violations of the California Consumer Privacy Act, while the latter also cites the Washington State Consumer Protection Act. The accusations center on negligent data security, and reference the time and expense of mitigating privacy, identity, and fraud risks. Yahoo says the carrier is providing McAfee ID Theft Protection and Account Takeover Protection services.
AT&T denies criminals’ claims of a data breach.
AT&T, a leading US telco, is rebuffing reports that 70 million customers’ names, contact information, social security numbers, and birth dates are up for sale on the dark web as a result of a breach of their systems, BleepingComputer reports. 9to5Mac notes concerns that the data may also contain customers’ PINs. Market Research Telecast highlights the increased risks of fraud, hacking, phishing, and identity theft that would result from such a breach. The seller claims to represent the well-known criminal group ShinyHunters.
Some security researchers see reason to worry in the small but seemingly genuine data sample provided, according to BGR, in addition to the threat actor’s past involvement in attacks on Microsoft, Nitro PDF, Minted, and other companies. While AT&T denies suffering a breach, there’s speculation that the data could have originated from another source.
"I don't care if they don't admit. I'm just selling," commented the threat actor, ShinyHunters, who listed the dataset for a $1 million “buy now” price or $200 thousand initial bid. ShinyHunters also expressed willingness to negotiate with AT&T: “By the way, if AT&T is afraid and want their database taken off the market, they can contact me for an agreement, it has been done recently and both sides were satisfied.” The crook has been known to dump datasets free of charge if buyers aren’t found.
Update on the St. Joseph’s/Candler breach.
Savannah, Georgia-based healthcare system St. Joseph’s/Candler is once again “fully operational,” Savannah Morning News reports, following a ransomware attack discovered in June that interfered with files and communications. CEO Paul Hinchey commented, "There are a few hotspots where we have to change out computers. But…we're back electronically" after a temporary reversion to hard copies.
St. Joseph’s/Candler patients—whose names, social security numbers, birth dates, addresses, driver’s license numbers, insurance information, medical records, and financial information may have been exposed—are being offered a year of Experian’s IdentiyWorks services. The health system, Hinchey says, has “hired several national companies, one who does all the security for Amazon, and we put in all of these firewalls to make sure we mitigate that as best we can from ever happening again because once is enough."