Update of August 10: Following publication of our article with a statement from Greenway Health that the attack appeared to be on a former client and not them (but it was under investigation), DataBreaches.net checked the threat actor’s leak site today and found the entire listing is gone. This could mean a number of things,…
Category: Breach Incidents
Australian Cyber Security Centre reports multiple victims of LockBit 2.0 ransomware
David Simmons reports: A ransomware attack called LockBit 2.0 has hit multiple organisations across various industry sectors according to the Australian Cyber Security Centre (ACSC), with the government body publishing a ‘medium’ alert for the cybercrime. […] Operators of the platform have appeared on Russian-language cybercrime forums since January 2020 according to ACSC, but the…
Attempted ransomware attack prompts Eskenazi Health to shut down systems and divert patients
WTHR reports: Eskenazi Health said an attempted ransomware attack caused the hospital to go on diversion Wednesday morning. A hospital spokesperson said their monitoring systems functioned as they should have and proactively shut down their network. Read more on WTHR. Their web site is not reachable at this time, and although they have updated their…
U.S. medical entities fall prey to Pysa threat actors, but many haven’t disclosed it – at least, not yet.
—– A DataBreaches.net report by Dissent and Chum1ng0 —– Since 2018, threat actors known as “Pysa” (for “Protect Your System Amigo”) have used mespinoza ransomware to lock up victims’ files after exfiltrating a copy of them. In early 2020, alerts about these “big-game hunters” were published by both the FBI and CNIL . Since then,…
Insurance Broker Gallagher Sued Over Ransomware Attack
Andrew G. Simpson reports: Insurance and benefits broker Arthur J. Gallagher is the target of a proposed class action lawsuit over a ransomware attack it suffered in 2020. The plaintiffs allege that Gallagher failed to follow federal and state government and industry standards to protect their personal information from hackers and failed to adequately notify…
Hacker attack on the Lazio Region. Vaccine reservations suspended, shadow ransomware
Arcangelo Ròciola reports: AGI – Unprecedented hacker attack on the IT systems of the Lazio Region. A virus has taken offline the Region’s website, that of the Regional Council and the booking portal for vaccines against Covid-19. Systems went haywire about shortly after midnight today. From what AGI learned shortly after the attack, the virus…