On August 30, HHS added Queen Creek Medical Center d/b/a Desert Wells Family Medicine in Arizona to its public breach tool. The entity had reported that 35,000 patients were impacted by a breach involving a hack of the network. We now have more details on that incident available thanks to a public disclosure of their…
Author: Dissent
New .avos2 variant: AvosLocker affiliate extorts $ 85k from victim thanks to old vulnerability in FortiGate VPN
Marco A. De Felice reports: An affiliate of the AvosLocker ransomware group extorts $ 85,000 in bitcoin from a company thanks to a known vulnerability in FortiGate VPN ( CVE-2018-13379 ). A vulnerability that the American multinational had corrected THANKS TO AN UPDATE released IN NOVEMBER 2019 . Those who have not updated their systems are a small company that…
Th: Hospital hack prompts call for cooperation
Wassayos Ngamkham has some interesting follow-up reporting on the recent attack on Phetchabun Hospital. That hospital and Bhumirajanagarindra Kidney Institute Hospital, both in Thailand, have been recently attacked, with the latter attack interfering with patient services. The Cyber Crime Investigation Bureau (CCIB)’s preliminary investigation reportedly: showed that a group of Indian hackers was behind the…
“REvil” reappears on forum — but not “Unknown?”
As previously noted by this site and others, REvil threat actors appear to have re-emerged after disappearing in July.. Their dedicated leak site and blog are at the same Tor address as previously, but is it “Unknown” who is back, or not? A new account calling itself “REvil” registered on a popular Russian-language forum this…
HBP Financial Services Group notice of breach impacting Pathology Consultants of New London, PC
The following was found in the legal notices section of the Westerly Sun. Details for NOTICE OF DATA BREACH HBP NOTICE OF DATA BREACH HBP Financial Services Group, LTD (HBP), which serves as the practice administrator for Pathology Consultants of New London, PC (PCNL), was the victim of an IT incident that resulted in the unauthorized access…
Sg: MyRepublic data breach: 80,000 mobile users’ personal data exposed
Yahoo! reports: The personal data of about 80,000 MyRepublic mobile subscribers was accessed without authorisation last month. The telco said in a media release on Friday (10 September) that the breach took place on 29 August on a third-party data storage platform used to store the personal data of its mobile customers. Investigations showed that…