As DataBreaches noted yesterday on infosec.exchange, the Medusa ransomware gang claims to have hit Great Valley School District in Pennsylvania. They provide a filetree showing a lot of Skyward, Canvas, PowerSchool, and other internal files, as well as 20+ screencaps of student info and employee info files to support their claim. They are demanding $600k…
Category: Breach Incidents
Pacific Cataract and Laser Institute confirms cyberattack
Pacific Cataract and Laser Institute (PCLI) is dealing with a cyberattack that LockBit claimed responsibility for. An undated notice on its website states that their communications systems and computers have been disrupted by a cyberattack. “Our clinical and surgical equipment is operational and unaffected and we continue to see patients. Although some appointments have…
Proliance Surgeons notifying 437,392 patients after ransomware attack earlier this year
On November 17, Proliance Surgeons notified HHS that 437,392 patients were affected by a breach. An undated notice on their website explains that it was a ransomware attack in which files and systems were encrypted and some data was exfiltrated. “After a thorough forensic investigation, we discovered on May 24, 2023, that additional files may…
North Texas Municipal Water District hit by ransomware attack
The Municipal Water Authority of Aliquippa in Pennsylvania recently reported a cyberattack that appeared to be by an Iranian-backed group, “Cyber Av3ngers” that shut down technology involved in the drinking water supply to Raccoon and Potter townships. But Aliquippa wasn’t the only water authority to recently experience a cyberattack. The Daixin ransomware team added the…
Hospitals in multiple states diverting patients after Ardent Health Services hit with ransomware attack
It was predictable that threat actors would attack during Thanksgiving week when many people take off for the holiday and long weekend. Ardent Health Services was hit with a ransomware attack — and badly enough that hospitals wound up diverting emergency patients. Below the break, you can find the text of Ardent’s notice and FAQ….
Ransomware group leaks data allegedly from Granger Medical Clinic
On November 24, the NoEscape ransomware group added Granger Medical Clinic in Utah to their leak site. As proof, NoEscape provided a filetree and screenshots. The filetree listed numerous files related to facilities and other internal documents, including files whose names appeared to relate to former and current providers and personnel. Some filenames suggested they…