Executive Summary Trinity ransomware is a relatively new threat actor, known for employing a double extortion strategy. This method involves exfiltrating sensitive data before encrypting files, thereby increasing pressure on victims to pay the ransom. This ransomware uses the ChaCha20 encryption algorithm, and encrypted files are tagged with the “.trinitylock” file extension. Trinity operates a…
In April 20218, DataBreaches reported a ransomware incident in February 2018 that had affected 81,550 patients of the Center for Orthopaedic Specialists (COS) – Providence Medical Institute (PMI) in California. The entity’s notification at the time indicated that patients’ names, dates of birth, details about medical records, and Social Security numbers had been involved in the…
Sage Smiley reports: The American Civil Liberties Union of Alaska said that it uncovered a “massive” violation of medical privacy laws by a software company used by the Alaska Department of Corrections. But the software company at the center of the complaint claims that’s “false and misleading,” and that there was no breach of data…
Marianne Kolbasuk McGee A misconfigured web server and the exposure of sensitive information for nearly 600,000 prison inmates in 2022 will cost medical claims processing company CorrectCare $6.49 million to settle a consolidated proposed class action lawsuit, according to court records. The incident affected inmates who received medical care between January 2012 and July 2022…
CHARLOTTE, N.C. – A dual citizen of Nigeria and the United Kingdom was sentenced today to seven years in prison for his role in a multimillion-dollar business email compromise (BEC) scheme, announced Dena J. King, U.S. Attorney for the Western District of North Carolina, and Alamdar S. Hamdani, U.S. Attorney for the Southern District of Texas….
The following is a press release from HHS OCR concerning a settlement stemming from a March 2017 ransomware attack experienced by Cascade Eye & Skin Centers in Washington. DataBreaches was not previously aware of this incident and can find no news coverage of it at the time nor any entry on HHS’s public breach tool…