The Office of Inadequate Security
On Christmas, December 2023, Anna Jaques Hospital (AJH) in Massachusetts was grappling with a cyberattack that knocked out their EHR system and resulted in them having to divert ambulances to other area hospitals. On January 23, they posted a preliminary website notice (archived) about the attack. That notice was posted four days after threat actors…
Here’s today’s reminder of the insider threat. It’s a shame they don’t explain how the employee was able to access the patient’s information or why it was accessed. From the U.S.A.O. of the Western District of Michigan: GRAND RAPIDS – U.S. Attorney for the Western District of Michigan Mark Totten today announced that Jessica Nicole Pitcher,…
Termite threat actor(s) have now claimed responsibility for the Blue Yonder ransomware attack that has caused widespread impact. They provide no proof as yet, but a note posted on their dark web leak site several hours ago says, “Our team got 680gb of data such as DB dumps Email lists for future attacks (over 16000)…
On January 9, 2024, DataBreaches reported that French national Sébastien Raoult had been sentenced in a Seattle federal court, but might be out in 11 months. As a suspected member of ShinyHunters, Raoult (aka “Sezyo Kaizen”) had been extradited to the U.S. after being detained in Morocco on his way home to France from a…
Not all monetary penalties are for breaches affecting large numbers of patients. In this case, HHS imposed a penalty on an entity that had breaches in both 2017 and 2020. DataBreaches notes that the 2017 incident affected 3,370 patients, and the 2020 incident affected 2,553 patients — as reported to HHS at the time. Today,…
Balaji N reports: Notorious ransomware group Brain Cipher has claimed to have breached Deloitte UK, allegedly exfiltrating over 1 terabyte of sensitive data from the professional services giant. Brain Cipher is a ransomware group that emerged in June 2024, quickly gaining notoriety for its cyberattacks on organizations worldwide. Notably, it was responsible for a significant attack on…