In July, this site noted a May, 2021 ransomware incident that significantly impacted Florida Heart Associates. In July, they notified HHS that 45,148 patients were impacted. Now this week, we learned that it was Pysa threat actors who had attacked them, and they have now dumped some of the data. Pysa’s dump is a little…
Category: Breach Incidents
Maxim Healthcare notifies patients of breach that occurred in October, 2020
On November 4, Maxim Healthcare Group, including Maxim Healthcare Services and Maxim Healthcare Staffing (collectively “Maxim Healthcare”) issued a press release about a breach — a press release they describe as issued “out of an abundance of caution.” That sounds like they had an option not to disclose. I would think that they were required…
Two providers in Colorado and Alabama report breaches, and a benefits administrator in Georgia also reports a cyberattack
The Urology Center of Colorado (TUCC) On September 8, TUCC detected an attack that began September 7. Their investigation revealed that patients’ name and one or more of the following data elements may have been date of birth, Social Security number, address, phone number, email address, medical record number, diagnosis, treating physician, insurance provider, treatment…
Update on impact of the Washington Central Unified Union School District ransomware attack
On October 28, this site noted a report that Washington Central Unified Union School District in Vermont had been the victim of an as-yet-unconfirmed ransomware attack. The district has now issued a notification that makes clear that personal and health information of students and personnel may have been accessed or acquired. Their announcement also indicates…
Reward Offers for Information to Bring DarkSide Ransomware Variant Co-Conspirators to Justice
PRESS STATEMENT NED PRICE, DEPARTMENT SPOKESPERSON NOVEMBER 4, 2021 The U.S. Department of State announces a reward offer of up to $10,000,000 for information leading to the identification or location of any individual(s) who hold(s) a key leadership position in the DarkSide ransomware variant transnational organized crime group. In addition, the Department is also offering…
Jukin Media hacked and data dumped; company claims a password reset is required due to a “security upgrade”
On Wednesday, Jukin Media posted a notice on its site requiring users to reset their passwords. They said the reset was due to a “security upgrade.” By now, whenever I see announcements about what seems to be an unplanned or unscheduled reset, I suspect a breach, so I reached out to Jukin Media’s Twitter team…