Hospital for Special Surgery
October 2, 2020
•[ insider, malware, healthcare ]
Richard Liriano was sentenced yesterday to 30 months in prison for engaging in a scheme to use malicious software programs, including a program known as a "keylogger," on dozens of his coworkers' computers at a New York City-area hospital, secretly obtaining user names and passwords to his victims' personal email and other accounts, and using that unauthorized access to steal private and confidential files.
Commonwealth Scientific and Industrial Research Organisation
September 21, 2020
•[ insider, malware, government ]
The Australian Federal Police (AFP) on Monday announced the sentencing of a 34-year old man from Sydney for using Commonwealth Scientific and Industrial Research Organisation (CSIRO) equipment to carry out cryptocurrency mining.
Geisinger Berwick
September 19, 2020
•[ insider, healthcare ]
Geisinger Berwick is notifying more than 700 patients whose patients' records were accessed without justification by a now-former employee.
Secure Data Technologies, Inc.
September 11, 2020
•[ hack, insider, leak ]
Secure Data Technologies, Inc. sued a former employee for hacking the company's emai system and removing confidential and proprietary information.
Tesla's Nevada Gigafactory
August 28, 2020
•[ ransomware, insider, leak ]
The FBI thwarted the plans of 27-year-old Russian national Egor Igorevich Kriuchkov to recruit an insider within Tesla's Nevada Gigafactory, persuade him to plant malware on the company's network, and then ransom Tesla under threat that he would leak data stolen from their systems.
Instacart
August 20, 2020
•[ insider, misconfiguration, retail ]
US-based grocery delivery and pick-up service Instacart has disclosed a security incident that involved unauthorized access of customer information by two support agents from a third-party vendor retained by the company.
Tennessee State Univesity
August 17, 2020
•[ financial, insider, education ]
A former admissions worker at Tennessee State University (TSU) was sentenced to more than 30 months in federal prison after pleading guilty to student loan, wire fraud and aggravated identity theft. He was arrested for managing an elaborate scheme to steal and divert $84,506 in student loans into a bank account set up using a false name and Social Security number.
Ashley County Medical Center
August 10, 2020
•[ insider, misconfiguration, healthcare ]
Ashley County Medical Center is investigating a former employee who they claim inappropriately accessed medical records. It appears that the information was viewed out of curiosity and has not been shared with a third-party.
Lousiana 2nd Circuit Court of Appeals
August 6, 2020
•[ insider, government ]
Attorney Trina Chu is charged with illegally copying sensitive court documents from the Louisiana 2nd Circuit Court of Appeals in 2018.
Stradis Healthcare
July 1, 2020
•[ insider, misconfiguration, healthcare ]
A former vice president of a company in Georgia has been sent behind bars for sabotaging systems and causing delays in the shipment of Personal Protective Equipment (PPE).
Unnamed medical device packaging company
March 29, 2020
•[ hack, insider, manufacturing ]
Christopher Dobbins has been sentenced to federal prison for hacking his former employer and sabotaging their electronic shipping records, causing more than $200,000 in damage and delaying the shipment of personal protective equipment.
Marriott International
January 1, 2020
•[ insider, misconfiguration ]
poor security/inside job
Now:Pensions
January 1, 2020
•[ insider, financial ]
rogue contractor
Club Penguin Rewritten
July 26, 2019
•[ insider, hack, leak ]
A disgruntled administrator leaves a backdoor in Club Penguin Rewritten (a kids' gaming website) that enabled hackers to steal login data for a little over 4 million accounts.
Bithumb
March 30, 2019
•[ hack, insider, financial ]
Bithumb is hacked for the second time in less than a year as attackers (probably an insider job) manage to steal $21 million worth (3 million EOS coins and 20 million XRP).
Post Rock Rural Water District
March 27, 2019
•[ insider, misconfiguration, government ]
Kansas WWS is hacked by former employee able to use creditentials to remotely tamper with facility processes and threaten safety of drinking water.
UK Labour Party
February 21, 2019
•[ insider, misconfiguration, government ]
The UK's Labour Party locks down access to membership databases and campaign tools after a number of attempts to access personal data on its systems by "individuals who are not, or are no longer, authorized to do so".
Desjardins
January 1, 2019
•[ insider, finance ]
inside job
Healthcare
November 1, 2018
•[ insider, healthcare ]
Colbi Trent Defiore, an employee at a Virginia tech company, has been sent to prison for stealing PII from Healthcare.gov customers. Defiore improperly accessed the Healthcare.gov database several times in November 2018 and used the stolen information to commit fraud.
