Maternal & Family Health Services (“MFHS”) in Pennsylvania has issued a press release about what they describe as a “sophisticated ransomware incident.” At this point, given so many ransomware attacks over the past few years, DataBreaches has no idea what would be considered “sophisticated.” In any event, MFHS began notifying potentially affected individuals, including certain…
Category: Breach Incidents
HC3: Analyst Note: Pro-Russian Hacktivist Group ‘KillNet’ Threat to HPH Sector
December 22, 2022 TLP:CLEAR Report: 202212221500 Executive Summary HC3 is closely tracking hacktivist groups which have previously affected a wide range of countries and industries, including the United States Healthcare and Public Health (HPH) sector. One of these hacktivist groups—dubbed ‘KillNet’—recently targeted a U.S. organization in the healthcare industry. The group is known to launch…
Ransomware group claims to have encrypted Centro Médico Virgen De La Caridad
Hive has added yet another medical entity to its leak site. This time, it’s Centro Médico Virgen De La Caridad health system in Cartagena, Spain. The system consists of two hospitals (Cartagena and Caravaca), 20 polyclinics, 23 physiotherapy clinics, and 16 dental clinics throughout Murcia and Orihuela Costa. In addition, the group has one aesthetic…
Retreat Behavioral Health addiction treatment centers hit by ransomware earlier this year
Retreat Behavioral Health (RBH) has addiction treatment facilities in Florida, Pennsylvania, and Connecticut. On July 1, 2022, they reportedly detected a ransomware attack. Letters were sent out this week, but because Massachusetts actually prohibits entities from providing important details in notifications to consumers, there’s a lot we don’t know about this incident yet. Specifically, the…
Bits ‘n Pieces (Trozos y Piezas)
BR: Monte Cristalina claimed by LockBit3.0 On December 19, Monte Cristalina S.A. was added to LockBit3.0’s leak site. The group claims to have 135GB of information about the holding company, and has already uploaded some data as proof. Access to Monte Cristalina’s website has been blocked, and we have found no acknowledgement or confirmation by…
NC: Monarch notifies HHS of breach, but where are the details and notice?
On September 1, a listing on a dark web site by a group calling themselves Don#t_Leaks named MonarchNC as a victim. The listing did not appear for long. The only “proof” offered at the time was a filetree and a screencap of what might be an index of an inbox showing monarchnc.org domain in email…