Collaborate Disseminate
Christian Vasquez reports: The FBI is seeing progress in the fight against ransomware gangs after conducting more than 30 disruption operations this year in which officials targeted the infrastructure used by those groups, one of the bureau’s top cyber… Continue reading FBI has conducted more than 30 disruption operations in 2024
HHS OCR announced a second ransomware investigation settlement today. This one involved Bryan County Ambulance Authority (BCAA), a provider of emergency medical services in Oklahoma. The Bryan County Ambulance Authority breach occurred in November 202… Continue reading HHS Office for Civil Rights Settles HIPAA Ransomware Cybersecurity Investigation for $90,000
Over on Infosec.Exchange, Wendy Nather mentioned an open letter that is noteworthy for its approach to improving cybersecurity. The letter to presidential candidates’ transition teams, relevant federal agencies, and members of Congress begins: Th… Continue reading Open Letter to Prioritize Community Cybersecurity
How many data breaches can an entity have before either some regulator steps in with a corrective action plan or something happens to reduce the likelihood of more breaches? Consider the following: Breach # 1 On February 22, 2022, Minuteman Senior Ser… Continue reading How many similar breaches can one entity have in one year before regulators do something?
Ravie Lakshmanan reports: Threat actors in North Korea have been implicated in a recent incident that deployed a known ransomware family called Play, underscoring their financial motivations. The activity, observed between May and September 2024, has b… Continue reading North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack
In April 2023, DataBreaches reported two ransomware groups had each listed Albany ENT & Allergy Services (AENT) on their respective leak sites. But one month later, when AENT sent notifications to regulators and 224,486 affected employees and pati… Continue reading Albany ENT & Allergy Services settles state charges stemming from two patient data breaches; agrees to spend $2.25M on security program
Kara Arundel reports: … Ransomware — where threat actors use malware to block access to network systems and then demand payment to unlock it — has been ballooning in the K-12 sector over the last seven years, according to the K12 Security Informa… Continue reading School ransomware attacks are on the rise. What can districts do?
Over on SuspectFile, Marco A. De Felice writes: In August 2023, Postel S.p.A., a leading Italian company in the postal services and digital communications sector, became the victim of a serious cyberattack. The Medusa cybercriminal group exploited unre… Continue reading Postel S.p.A. and the 2023 Data Breach: The Medusa Attack and Sanctions from the Data Protection Authority
The following is a machine translation of a report at the Russian news outlet, Kommersant, concerning the sentencing of four members of the REvil ransomware group: On Friday, October 25, the St. Petersburg Garrison Military Court announced the verdict … Continue reading Four members of REvil sentenced by Russian court
Microsoft writes: The healthcare sector faces a rapidly increasing range of cybersecurity threats, with ransomware attacks emerging as one of the most significant. A combination of valuable patient data, interconnected medical devices, and small IT/cyb… Continue reading US Healthcare at risk: Strengthening resiliency against ransomware attacks