While the ransomware attack on the Oregon Department of Environmental Equality (DQE) is making headlines this month, there was also an update to a lawsuit stemming from the MOVEit breach in 2023 that affected 3.5 million Oregonians whose driver’s license and identity information was held by the Oregon Driver and Motor Vehicle Services. Aimee Green…
Author: Dissent
HHS OCR Settles HIPAA Ransomware Cybersecurity Investigation with Comprehensive Neurology, PC
Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement with Comprehensive Neurology, PC (Comprehensive), a small New York neurology practice, concerning a potential violation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule. The settlement resolves an OCR investigation of a ransomware…
FBI IC3, Verizon DBIR, Google M-Trends reports are out—here’s the conclusions!
Catalin Cimpanu writes: There are a handful of seminal reports in the cybersecurity industry, and lo and behold, three of them were released on Wednesday. Mandiant’s team, now part of Google Cloud, released M-Trends, Verizon released its Data Breach Investigations Report (aka DBIR), and the FBI Internet Crime Complaint Center (IC3) released its yearly Internet Crime Report [PDF]. All…
Several more lawsuits filed against Frederick Health Hospital related to data breach, cybersecurity failures
Gabrielle Lewis reports: Four class action lawsuits alleging Frederick Health Hospital failed to protect patients’ sensitive data during a ransomware attack in January were filed this month. These lawsuits accuse FHH of having inadequate cybersecurity measures, neglecting its obligation to protect patient data, improperly notifying the people affected by the data breach and putting individuals…
Scattered Spider Hacking Suspect Extradited to US From Spain
Margi Murphy reports: An alleged member of the notorious Scattered Spider cybercrime group was extradited from Spain to the US on Wednesday, according to a Department of Justice official. Tyler Buchanan, a 23-year-old from Scotland, was arrested last year over his alleged involvement in the theft of sensitive data about American consumers and tens of…
ELENOR-corp Ransomware: A New Mimic Ransomware Variant Attacking the Healthcare Sector
Michael Gorelik of Morphisec writes: Morphisec recently investigated an incident involving a new variant of one of the most aggressive ransomware families: Mimic version 7.5. First observed in 2022, Mimic remains relatively underreported in the public domain, aside from a detailed analysis of Mimic version 6.3 that was previously published by Cyfirma and Kaspersky. Target Audience: This threat analysis…