Newsletter
Recent Breaches & Incidents
Ethan Grammer
Senior Infrastructure
& Cybersecurity Engineer
Guillermo Sanchez
Senior Cybersecurity Engineer
Fortinet confirms data breach after hacker claims to steal 440 GB of files
On September 12, 2024, Fortinet has confirmed a data breach following a hacker’s claim of stealing 440GB of files from the company. The breach was announced by a threat actor which was demanding a ransom. The breach highlights ongoing security challenges in the industry, emphasizing the importance of robust cybersecurity measures.
Fortinet issued a notice stating the company is investigating the breach and has implemented measures to secure its environment. Fortinet reassured customers that they are prioritizing transparency and are working to mitigate any potential impact. They also emphasized their commitment to enhancing security protocols and will provide updates as the situation develops.
External Links:
Biotech Company Reaches $4.5 million Settlement for 2023 Data Breach
It was announced on September 11, 2024, that EnzoBiochem, a New York based biotechnology company reached a settlement with the states of New York, New Jersey, and Connecticut that would cost them $4.5 million as a result of their 2023 data breach. Of the $4.5 million that EnzoBiochem is required to pay, the state of New York will receive roughly $2.8 million of the settlement based on the number of residents that were impacted by the breach.
In 2023, EnzoBiochem experienced a data breach that impacted 2.4 million patients as a result of exploited employee credentials. Among the data stolen by the threat actors was personal information, including names, dates of birth, social security numbers, and medical diagnosis information. It was also reported at the initial time of breach that EnzoBiochem did not have a system in place for suspicious activity monitoring.
External Links:
CMS Third-Party Data Breach Impacts 964,000 Individuals
On September 6, 2024, The Centers for Medicare & Medicaid Services (CMS) announced that a third-party vendor had suffered a data breach that impacted more than 964,000 individuals and resulted in the compromise of personally identifiable information (PII). CMS released recommendations for impacted individuals to freeze their credit and enroll in credit monitoring services to prevent potentially malicious activity utilizing their PII.
The Wisconsin Physicians Service Insurance Corporation (WPS) is reported to be the third-party that suffered the data breach which impacted CMS. It was reported that threat actors took advantage of an unpatched vulnerability within the MOVEit software in May 2023, although CMS was not notified of the breach until July 2024. WPS indicated that initial investigation in May 2023 did not find that PII was a part of the breach, but later forensic investigation that took place in cooperation with law enforcement did find that there was PII found among the compromised data.
External Links:
Celito is a team of experienced IT Executives, Industry Professionals, and Business Consultants focused on the life sciences industry.
Products
Consulting
Company
Celito Tech, Inc.
CORPORATE HEADQUARTERS
2100 Geng Road Suite #210
Palo Alto, CA 94303
US OFFICE LOCATION
842 Main St.
Redwood City, CA 94063
+1 650.374.2121
Celito Tech, Inc.
INDIA OFFICE LOCATION
Celito Tech India Pvt Ltd.
Flat No.A105, 1st Floor
Aditya's Imperial Heights,
Hyderabad, Rangareddi-500049
Telangana, India
+91 984.902.4174
Privacy Policy | Cookie Policy | Terms of Service | Copyright 2021 © Celito Technology Inc