Michael Potuck reports: Over the last several years, LockBit has become one of the most powerful ransomware gangs. While it has focused on Windows, Linux, and virtual host machines, it looks like the group has developed its first ransomware for Macs. Discovered by MalwareHunterTeam (via Brett Callow), what seems to be the first ransomware build designed for macOS has surfaced…
Category: Breach Incidents
A short-lived BlackCat listing suggests NCR’s customers’ networks were accessed
It’s been more than a decade since DataBreaches covered any significant data breach involving the Aloha POS system, and back then it was owned by Radiant Systems. In 2011, NCR Corporation bought Aloha POS. Things were fairly quiet since then, if you don’t count NCR’s response to a zero day RCE vulnerability that NCR somewhat…
Retina & Vitreous of Texas notifies 35,766 patients of ransomware attack but doesn’t call it one
On April 10, Retina & Vitreous Associates of Texas issued a press release about a security incident discovered in February. They write, in part, “On February 1, 2023, Retina & Vitreous became aware of unusual activity within its network and discovered that there had been unauthorized access to the environment…… On February 15, 2023, the investigation…
NCB Management breach affected almost 500,000 former Bank of America credit card holders
NCB Management is an “accounts receivable management company.” In this case, that means collections. According to NCB’s March 24 letter, NCB discovered on February 4 that an unauthorized party gained access to their systems on February 1, 2023. They confirmed on March 8 that some information on consumers’ Bank of America past-due credit card accounts…
Bits ‘n Pieces (Trozos y Piezas)
CL: Attack on multinational SONDA claimed by Medusa The Chilean IT multinational SONDA, which has a presence in 11 countries, has been placed on the leaks page of the threat actor Medusa Locker. Medusa’s leak site displays some file captures from different countries where this company operates. The proof includes an affidavit from SONDA Peru,…
PharMerica and BrightSpring Health Services hit by Money Message (update2)
PharMerica, owned by BrightSpring Health, is a national pharmacy network serving partners in over 3,100 long-term care, senior living, IDD/behavioral health, home infusion, specialty pharmacy, and hospital management programs. BrightSpring® Health Services provides comprehensive home and community-based health services to complex populations needing specialized care. Both are headquartered in Kentucky. Earlier today, the Money Message…