On September 1, a listing on a dark web site by a group calling themselves Don#t_Leaks named MonarchNC as a victim. The listing did not appear for long. The only “proof” offered at the time was a filetree and a screencap of what might be an index of an inbox showing monarchnc.org domain in email…
Category: Breach Incidents
Attack on the Azienda Ospedaliera di Alessandria hospital: additional details on the case
Marco A. De Felice prefaces his reporting on a Ragnar_Locker attack with this message: For ethical reasons we did not want to spread the news of the attack on the hospital’s IT infrastructure before the news became public knowledge. Indeed, on December 20, SuspectFile had already become aware of the ransom note written by the…
Counsel for alleged member of ShinyHunters tries a legal “Hail Mary” play to block extradition
Since May 31, French national Sebastien Raoult has been detained in Morocco while the U.S. seeks his extradition to the U.S. to face charges he allegedly engaged in criminal activities with ShinyHunters. On December 26, the Moroccan court of cassation ruled that yes, he would be extradited. After exhausting all appeals to the French government…
Updating Scripps Health ransomware incident: litigation settlement
Dorian Hargrove of CBS reports that Scripps Health has agreed to pay more than $3.5 million dollars to victims of a ransomware attack in 2021 that compromised the personal information of more than one million patients. More than 1 million patients? At the time, Scripps had reported that it was notifying 147,267 patients, and that…
St. Rose Hospital patient data appears on hacking forum (UPDATE1)
On December 20, a listing appeared on a popular forum that offered documents allegedly from St. Rose Hospital in Hayward, California. The listing was not a sales listing but rather a “demo data pack” listing of what was described as documents from a leak. The total leak allegedly contains 1.7 TB of files with: Financial…
Bits ‘n Pieces (Trozos y Piezas)
MX: Attack on Financiera Reyes Claimed by LockBit3.0 On December 12, Financiera Reyes was added to the leak site of LockBit3.0. No proof was provided, however. Finding no notice on the financial institution’s social media sites or web site, DataBreaches contacted Financiera Reyes on December 12 to ask them to confirm or deny any incident….