On or about December 10, AlphV (aka BlackCat) added DotHouse Health.org to their leak site, where they attempt to pressure victims into paying any ransom demands. In this case, the threat actors did not post any proof pack, but they claimed to have infiltrated 800 GB of data from the Massachusetts HIPAA-covered healthcare provider. On…
Category: Breach Incidents
Russian hackers using new Graphiron information stealer in Ukraine
Bill Toulas reports: The Russian hacking group known as ‘Nodaria’ (UAC-0056) is using a new information-stealing malware called ‘Graphiron’ to steal data from Ukrainian organizations. The Go-based malware can harvest a wide range of information, including account credentials, system, and app data. The malware will also capture screenshots and exfiltrate files from compromised machines. Symantec’s…
More lawsuits filed over Knox College ransomware attack
By early December 2022, Hive ransomware gang had not only claimed responsibility for an attack on Knox College, but when the college hadn’t paid their demand, they contacted students directly. As NBC reported, the emails sought to get students to pressure the college to pay: “We have compromised your collage networks,” the email said, written…
Bigger than they knew: Diligent Corp. sends more notifications after discovering hacked data on the internet
Diligent Corp is a software as a service company, headquartered in New York. In June, 2022, they disclosed an incident that occurred in May. According to their disclosure at the time, on or around May 21, 2022, an unauthorized actor accessed a network supporting Steele Compliance (a firm acquired by Diligent in February 2021). Diligent…
Heads up: Highmark Health will be notifying 300,000 patients of a phishing incident. Watch for your mail this month.
Highmark Health defines itself as a “national, blended health organization” that includes the Highmark Health Plan (a Blue Cross Blue Shield insurer); a regional hospital and physician network; and companies that offer dental solutions, reinsurance solutions, population health management, and technology solutions. Letters have not gone out yet and will not be going out in…
Four more attacks on the healthcare sector, weekend edition
UPDATE of Feb. 10, 2023: Regal Medical Group notified HHS that their incident impacted 3,300,638 patients. Original Post: It may be the weekend, but there’s no rest for the weary when it comes to tracking attacks on the healthcare sector. Here are four more incidents you may not have heard about already: Cardiovascular Associates Cardiovascular…