Doug Levin recently wrote on Infosec.Exchange: Rant incoming. The frequency with which I read folks asserting that ‘education’ and in particular ‘U.S. K-12 schools’ are the most frequent ransomware target is so frustrating. Of course, that’s a nonsense assertion – and not supported by any reasonable read of the data. It is almost like the…
Category: Breach Incidents
Swedish Retail and Grocery Provider Coop Hit by Cactus Ransomware Gang
Pierluigi Paganini reports: Coop is one of the largest retail and grocery providers in Sweden, with approximately 800 stores across the country. The stores are co-owned by 3.5 million members in 29 consumer associations. All surplus that is created in the business goes back to the members or is reinvested in the business, which creates a…
Parathon by JDA e-Health: what we still don’t know about their July ransomware incident
On August 1, DataBreaches noticed that Parathon by JDA e-Health had been listed on the Akira ransomware leak site. Neither Akira nor Parathon responded to DataBreaches’ inquiries at the time, as DataBreaches reported on August 6. On October 30, Parathon issued a notice of security incident. The notice stated, in part: On July 27, 2023,…
The biggest cybersecurity and cyberattack stories of 2023
Lawrence Abrams writes: 2023 was a big year for cybersecurity, with significant cyberattacks, data breaches, new threat groups emerging, and, of course, zero-day vulnerabilities. Some stories, though, were more impactful or popular with our 22 million readers than others. Below are fourteen of what BleepingComputer believes are the most impactful cybersecurity stories of 2023, with…
Recent attacks on Fred Hutch and Integris: Is attempting to extort patients directly becoming the “new normal?”
DataBreaches previously reported a breach involving Integris Health in Oklahoma. The incident did not involve encryption, but the threat actors were reportedly contacting patients directly and offering to remove their protected health information for a small fee before leaking or selling the data of what they claim is more than two million patients. DataBreaches noted…
Integris Health notifying patients of hack and warning them not to respond to the hackers
On December 24, Integris Health of Oklahoma started contacting patients about a cyberattack on November 28. The unnamed threat actors did not encrypt any of the health system’s files, but Integris learned that patients were being contacted directly by threat actors. Integris has posted a notice with updates and an FAQ to help inform those…