From the “Wait-What-Happened-Here Dept:” On October 19, the Black Suit ransomware group announced that they had attacked Rutherford County Schools in Tennessee. Their listing, posted on their dark web site, included what appears to be an indication of what data and how much data they were able to exfiltrate. It did not indicate whether they…
Category: Breach Incidents
Many researchers are pseudonymous. That doesn’t justify ignoring their alerts.
For many years, the FTC has published guidance for businesses to Start with Security. Their advice has always included having a clear way to receive security alerts about vulnerabilities. That advice has been repeated in all updates, including their 2023 version. Why do I mention that now? Because once again, attempts to warn a company…
Feds claims just 7% of available funds from OPM breach settlement, remainder returns to Treasury
Eric Katz reports: Current federal employees, retirees and others impacted by widespread breach of personal data maintained by the Office of Personnel Management took advantage of only a small portion of the money made available in a settlement agreement following the 2015 hack. Plaintiffs in the class action lawsuit reached a settlement in 2022 with…
U.S. Army Soldier Arrested in AT&T, Verizon Extortions
Brian Krebs reports: Federal authorities have arrested and indicted a 20-year-old U.S. Army soldier on suspicion of being Kiberphant0m, a cybercriminal who has been selling and leaking sensitive customer call records stolen earlier this year from AT&T and Verizon. As first reported by KrebsOnSecurity last month, the accused is a communications specialist who was recently stationed in South Korea….
White House Clears HIPAA Security Rule Update
Chris Riotta reports: The U.S. Department of Health and Human Services is ramping up digital efforts to protect Americans in a year that’s witnessed hackers targeting sensitive patient data and major breaches at Ascension and UnitedHealth. HHS is set to unveil a notice of proposed rulemaking requiring healthcare companies to encrypt data, conduct routine compliance…
Jamestown Pharmacist Arrested and Charged with Health Care Fraud and Aggravated Identity Theft in a Multi-Million Dollar Health Care Fraud Scheme
December 23, Nashville – A federal indictment returned last week and unsealed on Friday charges Jamestown pharmacist Philip Hall, 48, with 9 counts of Health Care Fraud and 6 counts of Aggravated Identity Theft, announced Acting United States Attorney for the Middle District of Tennessee Thomas J. Jaworski. According to the indictment, Hall was a licensed…