On August 1, DataBreaches noticed that Parathon by JDA e-Health had been listed on the Akira ransomware leak site. Neither Akira nor Parathon responded to DataBreaches’ inquiries at the time, as DataBreaches reported on August 6. On October 30, Parathon issued a notice of security incident. The notice stated, in part: On July 27, 2023,…
Category: Breach Incidents
The biggest cybersecurity and cyberattack stories of 2023
Lawrence Abrams writes: 2023 was a big year for cybersecurity, with significant cyberattacks, data breaches, new threat groups emerging, and, of course, zero-day vulnerabilities. Some stories, though, were more impactful or popular with our 22 million readers than others. Below are fourteen of what BleepingComputer believes are the most impactful cybersecurity stories of 2023, with…
Recent attacks on Fred Hutch and Integris: Is attempting to extort patients directly becoming the “new normal?”
DataBreaches previously reported a breach involving Integris Health in Oklahoma. The incident did not involve encryption, but the threat actors were reportedly contacting patients directly and offering to remove their protected health information for a small fee before leaking or selling the data of what they claim is more than two million patients. DataBreaches noted…
Integris Health notifying patients of hack and warning them not to respond to the hackers
On December 24, Integris Health of Oklahoma started contacting patients about a cyberattack on November 28. The unnamed threat actors did not encrypt any of the health system’s files, but Integris learned that patients were being contacted directly by threat actors. Integris has posted a notice with updates and an FAQ to help inform those…
ProSmile issues breach disclosure that creates more questions than it answers
On December 22, ProSmile Holdings, LLC in New Jersey issued a press release about a data breach. If ProSmile — a dental service organization — is a business associate or otherwise covered under HIPAA, no report from them has shown up yet on HHS’s public breach tool. They write, in part: In July 7, 2022,…
Clay County, Minnesota discloses ransomware attack in October
On December 22, Clay County published a notice on its website about a ransomware attack in October. According to its notice, on October 27, 2023, the county determined that its network had been impacted by a ransomware attack between October 23 and 26. The attack affected the electronic document management system (“CaseWorks”) hosted by Clay…