Collaborate Disseminate
LockBit3.0 claims to have hit CapitalHealth.org in New Jersey. In a listing posted on their site on January 7, the threat actors write, “We purposely didn’t encrypt this hospital so as not to interfere with patient care. We just stole over … Continue reading Capital Health acknowledges a cyberattack last month but details are lacking
Doug Levin recently wrote on Infosec.Exchange: Rant incoming. The frequency with which I read folks asserting that ‘education’ and in particular ‘U.S. K-12 schools’ are the most frequent ransomware target is so frustrating. Of c… Continue reading A point worth considering
On August 1, DataBreaches noticed that Parathon by JDA e-Health had been listed on the Akira ransomware leak site. Neither Akira nor Parathon responded to DataBreaches’ inquiries at the time, as DataBreaches reported on August 6. On October 30, P… Continue reading Parathon by JDA e-Health: what we still don’t know about their July ransomware incident
Lawrence Abrams writes: 2023 was a big year for cybersecurity, with significant cyberattacks, data breaches, new threat groups emerging, and, of course, zero-day vulnerabilities. Some stories, though, were more impactful or popular with our 22 million … Continue reading The biggest cybersecurity and cyberattack stories of 2023
DataBreaches previously reported a breach involving Integris Health in Oklahoma. The incident did not involve encryption, but the threat actors were reportedly contacting patients directly and offering to remove their protected health information for a… Continue reading Recent attacks on Fred Hutch and Integris: Is attempting to extort patients directly becoming the “new normal?”
On December 24, Integris Health of Oklahoma started contacting patients about a cyberattack on November 28. The unnamed threat actors did not encrypt any of the health system’s files, but Integris learned that patients were being contacted direct… Continue reading Integris Health notifying patients of hack and warning them not to respond to the hackers
On December 22, ProSmile Holdings, LLC in New Jersey issued a press release about a data breach. If ProSmile — a dental service organization — is a business associate or otherwise covered under HIPAA, no report from them has shown up yet on… Continue reading ProSmile issues breach disclosure that creates more questions than it answers
On December 22, Clay County published a notice on its website about a ransomware attack in October. According to its notice, on October 27, 2023, the county determined that its network had been impacted by a ransomware attack between October 23 and 26…. Continue reading Clay County, Minnesota discloses ransomware attack in October
Myind reports: India’s state-owned telecom operator, Bharat Sanchar Nigam Ltd (BSNL), experienced a substantial data breach, placing the personal information of thousands of users at risk. Reports indicated that a threat actor on the dark web had… Continue reading BSNL experiences data breach, hacker shares some information on the dark web
Nicole DeFeudis reports: AbbVie accused a former employee and a rival oncology developer of stealing trade secrets about its antibody-drug conjugate programs. The pharma giant on Friday filed suit in California federal court against Adcentrx and scient… Continue reading AbbVie files trade secrets suit against Adcentrx and former employee