The governmment continues to enforce contractors’ obligations to adhere to cybersecurity standards in their Department of Defense (DoD, now Department of War) contracts. A press release today reveals another enforcement action: Georgia Tech Research Corporation (GTRC) has agreed to pay the United States $875,000 to resolve allegations that it violated the False Claims Act and federal common…
Category: Breach Incidents
ApolloMD notifies patients of 11 physician practices affected by a June cyberattack
On June 12, 2025, Qilin added ApolloMD to their darkweb leak site with a date of June 6. They claimed to have 238 GB of files. ApolloMD, headquartered in Georgia, is a business associate to hospitals and health systems, providing them with services to enhance clinical operations and patient care, and to optimize financial performance….
‘No Harm, No Foul:’ Courts Take Tougher Line on Data-Breach Suits
Angus Loten reports: A deluge of data-breach lawsuits has a growing number of U.S. judges insisting victims show exactly how their leaked personal data caused “tangible harm,” a high bar that is getting more cases tossed out of court. Judges are also requiring plaintiffs to trace any damages back to a particular breach—a tougher condition…
Medical Associates of Brevard notifies 246,711 patients after cyberattack
On January 23, 2025, the Bian Lian ransomware gang added the Medical Associates of Brevard (“MAB”) to its dark web leak site. At the time, they listed the types of data they claimed to have acquired, but did not provide any screenshots or proof of claims. Months later, BianLian went offline. What happened to any…
Two teenage suspected Scattered Spider members charged in UK over TfL hack; U.S. unseals charges (1)
Alexander Martin reports: Two suspected members of the Scattered Spider cybercrime collective have been arrested and charged in the United Kingdom following an investigation into the hack of Transport for London (TfL) last year. The National Crime Agency (NCA) announced on Thursday that Thalha Jubair, 19, from East London, and Owen Flowers, 18, from Walsall,…
Survival Flight reports second cybersecurity incident in less than a year (1)
Survival Flight is an Arizona-headquartered firm that provides ground and air emergency medical transportation services. On August 12, they issued a substitute notice saying that on July 17, they had discovered a cybersecurity incident affecting its IT systems. In their substitute notice, which has not been updated as of this publication, they wrote: The investigation…