There’s yet another update to the troubling case of Spyros Panos, who had been charged with stealing another physician’s identity to continue on his fraudulent way after losing his medical license for other crimes. A post on this site in 2018 provides some of the background and history. On October 30, the Southern District of…
Category: Breach Incidents
Ransomware Operator Promotes Distributed Storage for Stolen Data
Jai Vijayan reports: News last week about a ransomware-as-a-service (RaaS) operation called DarkSide setting up a distributed storage system in Iran for storing data stolen from victims of its attacks could mean big trouble for organizations. If the model proves successful, other ransomware operators are likely to implement similar systems, making it even harder for…
Chicago suburban school districts experience apparent hacks in which offensive, sexual messages sent
ABC reports: A suburban school district said its system might have been hacked this weekend. Township High School District 211 covers parts of Hoffman Estates, Schaumburg, Arlington Heights and other northwest suburbs. The district said outgoing emails, phone calls and text messages were compromised Saturday night. But that wasn’t the only suburban district attacked successfully,…
Egregor threat actors pose risk to medical and dental entities
While some ransomware threat actors claim that they will not attack medical entities, others have not made any such pledge. In “Without Undue Delay,” DataBreaches.net noted that Egregor ransomware threat actors had added Dyras Dental in Michigan to their leak site in September. As I reported in that paper: The data dumped by the attackers as…
Egregor ransomware causes printers to spit out ransom notes
In a somewhat novel approach to ensuring that their victim knows they have been hacked and their systems locked up, the Egregor threat actors sent messages to some Cencosud stores. Some video was shared on Twitter by @Irlenys: The #ransomware that hit Cencosud is #Egregor. The ransom note started coming out on the…
“Email Appender” Implants Malicious Emails Directly Into Mailboxes
As if we didn’t have enough breaches that start by compromising an employee’s email account, now there’s more to worry about. Imagine that despite training your employees to be careful, and despite using updated AV or other software to detect nasties, a threat actor could deliver malware-laden emails directly into your employees’ inboxes. Will employees…