Recover Our Youth has posted a notice of a data security incident that does not specifically say there was a ransom demand involving exfiltrated data, but it sounds like they may have paid some ransom to get copies of data destroyed. Recover Our Youth offers residential treatment programs and group homes for behaviorally and emotionally…
Category: Breach Incidents
These hackers have spent months hiding out in company networks undetected
Danny Palmer reports: A cyber-espionage campaign is using new malware to infiltrate targets around the world including organisations in media, finance, construction and engineering. Detailed by cybersecurity company Symantec, the attacks against organisations in the US, Japan, Taiwan and China are being conduced with the aim of stealing information and have been linked to an espionage…
SunCrypt ransomware group swears off medical entities, sets sights on cybersecurity firms
When the SunCrypt ransomware group opened a leak site where they listed victims who had not paid their ransom demands, they attracted public attention and demonstrated their ability to use the media to their advantage. BleepingComputer reported that SunCrypt operators had reached out to them to introduce themselves as part of the Maze cartel. Days…
Houston-area health organization says patients targeted in phishing incident
Amanda Cochran reports: Legacy Community Health announced Tuesday that some of its patients were victims of an email phishing incident. The organization said it had mailed letters to affected patients. In a news release Legacy did not disclose how many people at its 15 Houston-area locations were affected by the phishing incident, Read more on…
Yevgeniy Nikulin sentenced to 88 months for hacks of LinkedIn, Dropbox, and Formspring
More than two years after he was extradited from the Czech Republic where he was arrested in 2016 for hacking LinkedIn, Dropbox, and Formspring, Russian national Yevgeniy Nikulin was sentenced today to 88 months by Judge William Alsup in federal court in northern California. Nikulin, also known as “Chinabig01,” “dex.007, ” “valeriy.krutov3, and “itBlackHat,” had…
Security lapse exposes hundreds of addresses of Minnesotans infected with COVID-19
Jay Kolls reports: In April, Gov. Tim Walz signed an executive order allowing the Minnesota Department of Health and the Minnesota Department of Public Safety to share addresses of COVID-19 patients with first responders across Minnesota. The governor imposed strict guidelines for sharing those addresses to protect the identity of Minnesotans with COVID-19. MDH and…