Remember when Britton White and DataBreaches discussed employees having their work credentials compromised by infostealers and how employers might want to require employees to notify them whenever an employee’s device was compromised if the device had stored login credentials? University of Miami Health posted a breach notice this week that caught my eye. From the…
Category: Breach Incidents
PA: Maternal & Family Health Services reveals ransomware incident
Maternal & Family Health Services (“MFHS”) in Pennsylvania has issued a press release about what they describe as a “sophisticated ransomware incident.” At this point, given so many ransomware attacks over the past few years, DataBreaches has no idea what would be considered “sophisticated.” In any event, MFHS began notifying potentially affected individuals, including certain…
HC3: Analyst Note: Pro-Russian Hacktivist Group ‘KillNet’ Threat to HPH Sector
December 22, 2022 TLP:CLEAR Report: 202212221500 Executive Summary HC3 is closely tracking hacktivist groups which have previously affected a wide range of countries and industries, including the United States Healthcare and Public Health (HPH) sector. One of these hacktivist groups—dubbed ‘KillNet’—recently targeted a U.S. organization in the healthcare industry. The group is known to launch…
Ransomware group claims to have encrypted Centro Médico Virgen De La Caridad
Hive has added yet another medical entity to its leak site. This time, it’s Centro Médico Virgen De La Caridad health system in Cartagena, Spain. The system consists of two hospitals (Cartagena and Caravaca), 20 polyclinics, 23 physiotherapy clinics, and 16 dental clinics throughout Murcia and Orihuela Costa. In addition, the group has one aesthetic…
Retreat Behavioral Health addiction treatment centers hit by ransomware earlier this year
Retreat Behavioral Health (RBH) has addiction treatment facilities in Florida, Pennsylvania, and Connecticut. On July 1, 2022, they reportedly detected a ransomware attack. Letters were sent out this week, but because Massachusetts actually prohibits entities from providing important details in notifications to consumers, there’s a lot we don’t know about this incident yet. Specifically, the…
Bits ‘n Pieces (Trozos y Piezas)
BR: Monte Cristalina claimed by LockBit3.0 On December 19, Monte Cristalina S.A. was added to LockBit3.0’s leak site. The group claims to have 135GB of information about the holding company, and has already uploaded some data as proof. Access to Monte Cristalina’s website has been blocked, and we have found no acknowledgement or confirmation by…