NIST SP 1800-24 OCR is sharing the National Cybersecurity Center of Excellence’s (NCCoE) at the National Institute for Standards and Technology (NIST) SP 1800-24, Securing Picture Archiving and Communication System (PACS): Cybersecurity for the Healthcare Sector. This practice guide can help HIPAA covered entities and their business associates implement current cybersecurity standards and best practices to…
Category: Breach Incidents
Ransomware threat actors dump data from yet another k-12 district
The past few days have not been great ones for k-12 districts. As this site reported, DoppelPaymer ransomware threat actors recently dumped data from both Pascagoula-Gautier School District in Mississippi and Gardiner Public Schools in Montana. Now a third school district has also had some of their data dumped. On December 14, this site had…
Premier Kids Care, Inc. notifies patients of attack first discovered in April
Premier Kids Care, Inc. (PKC) of Georgia provides specialized pharmacy and home clinical services for children with diabetes, endocrinological, and perinatal needs. On April 6, 2020, PKC discovered it had been targeted by a cyberattack and that an unauthorized actor had gained access to PKC systems. An investigation into the incident revealed that the unauthorized…
DoppelPaymer dumps data from public school districts in Mississippi and Montana
Why ransomware threat actors go after small school districts with few resources still puzzles me. The districts may be “low-hanging fruit” from a security perspective, but they generally do not have the resources to pay big ransom demands. So why target them? My puzzlement notwithstanding, a number of ransomware teams do attack k-12 districts. DoppelPaymer…
Threat actors attack diagnostic laboratories in Virginia and New York
Attacks on hospitals by ransomware threat actors continue to make headlines, as do attempts to hack laboratories or entities involved in COVID-19 related research. Attacks on diagnostic laboratories without an obvious COVID-19 connection tend to garner fewer headlines but should be of no less concern, as the ability to diagnose health conditions correctly is a…
And the ransomware attacks just keep on coming….
Marieville in Canada Dassault Falcon Jet in France (attacked by RagnarLocker who exploited Shitrix vulnerability in March and reportedly enjoyed a lengthy stay inside their systems) Amg Energia in Italy TSYS in Georgia Netgain in Minnesota The Socorro Independent School District in Texas The city of Independence in Missouri And there are many more…. as…