On September 2, the NoEscape ransomware group added Mulkay Cardiology Consultants to their leak site and claimed to have successfully encrypted them. “We have 60GB of confidential and personal data on more than 30,000 patients, scans, doctor’s conclusions about patients and many other confidential information,” they claimed in their listing about the New Jersey medical…
Month: September 2023
MGM, Caesars casino hacks point to an alliance of teens and ransomware gangs
Joseph Menn reports on the group of hackers some have called “Scattered Spider:” … New research being presented Friday at the LABScon security conference outside Phoenix gives an origin story to the hackers, who the experts say call themselves Star Fraud. They say the group consists of a few dozen hackers who have connected online…
National Student Clearinghouse notifies California on behalf of almost 900 schools affected by MOVEit breach
Well, we expected there would be a lot of schools notified by the National Student Clearinghouse about the MOVEit breach, but now we have a bit more of the scope. NSC has notified the California Attorney General’s Office on behalf of almost 900 schools. Their notification letter to those affected indicated that the types of…
Pain Care Specialists may be feeling the pain of a ransomware attack
It appears that Pain Care Specialists in Oregon became the victim of an attack by AlphV. The threat actors added the medical entity to their leak site earlier today with some files with personal information on employees and patients. AlphV’s listing noted that the breach occurred on September 13, and, “As a result of our…
Leander ISD sends email about students’ vaccination status to over 200 people
Melia Masumoto reports: Cedar Park Middle School sent out an email to 207 parents earlier this week, requesting updated vaccine records. But without blind coping the email addresses, every address on the email was visible to all the recipients. … The email requested an updated immunization record for those students because they were missing the…
Nansen Warns Of Potential Phishing Attacks Following Vendor Security Incident Exposing Customer Data
Liam ‘Akiba’ Wright reports: Crypto analytics platform Nansen has revealed that a bad actor accessed its admin system to provision customer accounts. On Sept. 20, a security breach by one of Nansen’s third-party vendors led to compromised customer access, underscoring the ever-present digital risk, particularly in the continually evolving arena of blockchain technology and cryptocurrency….