Margi Murphy reports: An alleged member of the notorious Scattered Spider cybercrime group was extradited from Spain to the US on Wednesday, according to a Department of Justice official. Tyler Buchanan, a 23-year-old from Scotland, was arrested last year over his alleged involvement in the theft of sensitive data about American consumers and tens of…
Author: Dissent
ELENOR-corp Ransomware: A New Mimic Ransomware Variant Attacking the Healthcare Sector
Michael Gorelik of Morphisec writes: Morphisec recently investigated an incident involving a new variant of one of the most aggressive ransomware families: Mimic version 7.5. First observed in 2022, Mimic remains relatively underreported in the public domain, aside from a detailed analysis of Mimic version 6.3 that was previously published by Cyfirma and Kaspersky. Target Audience: This threat analysis…
Former Disney employee who hacked Disney World restaurant menus in revenge sentenced to 3 years in federal prison
When a former Disney World employee was accused of changing the menus at Disney World restaurants, it made headlines. And in January, when he admitted to changing the menus — including information about allergy information that could have created serious health risks for diners — that also made headlines. Now Michael Scheuer, who faced 10…
No need to hack when it’s leaking (CORRECTED)
Please note the correction at the bottom of this post. Researcher Jeremiah Fowler recently discovered an unsecured database with protected health information (PHI) that appeared to be linked to Atrium Health in North Carolina. As reported at WebsitePlanet, there were 21,344 records with a total size of 6.99 GB. The database appeared to be an…
DOGE Sued Over Record Keeping, Failing to Reply to FOIA Requests
If breaches or insider wrongdoing by DOGE employees are suspected, DOGE’s alleged failure to maintain and make transparent required records makes investigation nearly impossible or actually impossible. Mallory Culhane reports: The Department of Government Efficiency and top Trump administration officials are being sued over the agency’s alleged violations of federal record-keeping and transparency laws. DOGE…
HHS Office for Civil Rights Settles Phishing Attack Breach with Health Care Network for $600,000
Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement with PIH Health, Inc. (PIH), a California health care network, over potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The violations stem from a phishing attack that exposed unsecured electronic protected health…