Anastasia Sentsova and Jon DiMaggio have written about the latest drama in the ransomware world: LockBitSupp was banned from XSS.is, and as is their policy, he was therefore also banned on Exploit.in. Banned in the two well-known Russian-language forums, LockBitSupp tried to appeal the decision to RAMP. Even though it seems RAMP agreed with him,…
Category: Breach Incidents
Ransomware Payments Exceed $1 Billion in 2023, Hitting Record High After 2022 Decline
Chainalysis got everyone’s attention with their new report. They write, in part: 2023 marks a major comeback for ransomware, with record-breaking payments and a substantial increase in the scope and complexity of attacks — a significant reversal from the decline observed in 2022, which we forewarned in our Mid-Year Crime Update. Ransomware payments in 2023 surpassed…
Verizon insider data breach affects over 63,000 employees
Bleeping Computer reports that Verizon has notified the Maine Attorney General’s Office of an insider data breach affecting 63,206 employees. According to their sample notice of what was sent to those affected, an employee gained unauthorized access to employee data on September 21, 2023, although Verizon didn’t discover the problem until December. The types of…
Two hosting companies in Romania had what appear to be unrelated breaches. Did either one ever issue a public notice? (2)
In April 2023, DataBreaches reported on an alleged incident involving TIC Hosting in Romania. No one from TIC Hosting ever responded to inquiries from this site, and inquiries to the data protection regulator for the country indicated that TIC Hosting had never reported any data protection incident to them. And that seemed to be the…
HHS’ Office for Civil Rights Settles Malicious Insider Cybersecurity Investigation for $4.75 Million
Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), announced a settlement with Montefiore Medical Center, a non-profit hospital system based in New York City for several potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. OCR is responsible for administering and enforcing health information…
Lurie Children’s Hospital took systems offline after cyberattack
Bill Toulas reports: Lurie Children’s Hospital in Chicago was forced to take IT systems offline after a cyberattack, disrupting normal operations and delaying medical care in some instances. Lurie Children’s is a Chicago-based pediatric acute care hospital with 360 beds, 1,665 physicians covering 70 sub-specialties, and 4,000 medical staff and employees. It is one of…