Collaborate Disseminate
LockBit3.0 claims to have hit CapitalHealth.org in New Jersey. In a listing posted on their site on January 7, the threat actors write, “We purposely didn’t encrypt this hospital so as not to interfere with patient care. We just stole over … Continue reading Capital Health acknowledges a cyberattack last month but details are lacking
January 5, 2024 NEW YORK – New York Attorney General Letitia James today announced an agreement with a Hudson Valley-area health care provider, Refuah Health Center, Inc. (Refuah), for failing to safeguard the personal and private health information of… Continue reading Attorney General James Reaches Agreement with Refuah Health Center to Invest $1.2 Million to Protect Patient Data and Pay $450,000 in Penalties to State
ArtForum reports: Several US arts institutions were rendered unable to display their collections online after a cyberattack struck a tech service provider used by the museums, the New York Times reports. Among those affected by the breach targeting Gal… Continue reading Major Us Museums Suffer Cyberattack Fallout
Aimee Hancock reports: The city of Huber Heights remains under a state of emergency as officials work to finalize recovery operations nearly two months after a cyberattack took down multiple government systems and functions. According to City Manager R… Continue reading Area city’s cyber attack: Functions restored, $350,000 spent, personal data issue in limbo
Insurance Journal reports: Merck & Co. Inc. has reportedly reached a deal with insurers over a closely-watched coverage dispute related to a massive cyberattack in 2017. The New Jersey Supreme Court in July 2023 agreed to hear the case after a stat… Continue reading Merck Settles Coverage Dispute With Insurers Over War Exclusion in NotPetya Attack
As incident response and public relations go, blaming victims for your breach is generally not an impressive strategy. Michael Edgar reports that 23andMe seems to be doing exactly that: Months after the San Francisco based company experienced a data b… Continue reading 23andMe Says Breach Victims Are to Blame, Legal Action is Futile
Ishita Tripathi reports: The DCBOE is under intense scrutiny regarding the October 2023 DC Election data breach. The two House Republicans, Representatives Bryan Steil (R-Wis.) and Laurel Lee (R-Fla.), have written a resolute letter demanding answers f… Continue reading Republican Representatives Demand Accountability in Wake of DC Elections Voter Data Breach
Data analyses and commentary by Emsisoft begins: “From 2016 to 2021, we estimate that ransomware attacks killed between 42 and 67 Medicare patients.” — McGlave, Neprash, and Nikpay; University of Minnesota School of Public Health1 In 2023, the U.S. was… Continue reading The State of Ransomware in the U.S.: Report and Statistics 2023
On August 1, DataBreaches noticed that Parathon by JDA e-Health had been listed on the Akira ransomware leak site. Neither Akira nor Parathon responded to DataBreaches’ inquiries at the time, as DataBreaches reported on August 6. On October 30, P… Continue reading Parathon by JDA e-Health: what we still don’t know about their July ransomware incident
Dave Rogers reports: Days after what was called a cyberattack shut down Anna Jaques Hospital’s health record system on Christmas, hospital administrators are saying little about what caused the massive failure or whether the problem has been reme… Continue reading Anna Jaques Hospital’s computer system compromised by cyberattack