Sergiu Gatlan reports: A financially motivated cybercriminal group known as FIN7 resurfaced last month, with Microsoft threat analysts linking it to attacks where the end goal was the deployment of Clop ransomware payloads on victims’ networks. “Financially motivated cybercriminal group Sangria Tempest (ELBRUS, FIN7) has come out of a long period of inactivity,” the company said in…
Author: Dissent
NYS settles charges against PracticeFirst stemming from 2020 ransomware incident
In July 2021, Professional Business Systems, Inc. d/b/a Practicefirst Medical Management Solutions and PBS Medcode Corp., a medical management company that processes data for health care providers, issued a press release about a hacking incident that occurred in December 2020. As DataBreaches noted at the time, it appeared that they likely paid ransom because one line in their statement…
Apria Healthcare notifies 1.2 million patients of hacking incidents in 2019 and 2021
HIPAA requires that covered entities notify HHS and affected patients of a reportable breach within 60 calendar days of discovery of a breach. Exceptions are made if law enforcement asks an entity to delay notification so as not to interfere with an investigation, but such requests are infrequent. So why are we first finding out…
Cuba ransomware claims cyberattack on Philadelphia Inquirer
Bill Toulas reports: The Cuba ransomware gang has claimed responsibility for this month’s cyberattack on The Philadelphia Inquirer, which temporarily disrupted the newspaper’s distribution and disrupted some business operations. The Philadelphia Inquirer is Philadelphia’s largest (by circulation) newspaper. It is the third-longest continuously operating daily newspaper in the U.S., founded in 1829, and it has…
UK: Dorchester school’s IT system struck by ransomware attack
Faye Tryhorn reports: A Dorchester school’s been hit by a cyber attack, with hackers demanding a ransom. The Thomas Hardye School’s IT systems and website went down on Sunday night (21st May) with the problem discovered before lessons started on Monday morning. The school remains open, with teaching adapted as needed, and exams continuing as…
IT employee impersonates ransomware gang to extort employer
Bill Toulas reports: A 28-year-old United Kingdom man from Fleetwood, Hertfordshire, has been convicted of unauthorized computer access with criminal intent and blackmailing his employer. A press release published yesterday by the South East Regional Organised Crime Unit (SEROCU) explains that in February 2018, the convicted man, Ashley Liles, worked as an IT Security Analyst…