The Office of Inadequate Security
Two ransomware groups claimed to have attacked Consulting Radiologists. The notification is silent about any ransom demands. Consulting Radiologists LTD. (“CRL”)” in Minnesota is a physician-owned practice. On February 12, 2024, they detected suspicious activity on their network. An investigation revealed that an unauthorized actor had accessed certain files and data. Those files contained patient…
Hunton Andrews Kurth writes: On June 18, 2024, the U.S. Securities and Exchange Commission (“SEC”) announced a settlement with R.R. Donnelley & Sons Co. (“RRD”), a global provider of business communication and marketing services, for violating the internal controls and disclosure controls provisions of federal securities laws in relation to Donnelley’s response to a 2021 ransomware attack….
Matt Burgess reports: Crippling ransomware attacks against hospitals and health care providers are on the rise. These ruthless cyberattacks can take medical systems offline for weeks—canceling appointments and surgeries and causing harm to patients. Doctors and nurses are plunged into crisis situations where they resort to using pen and paper, while IT staff work to make…
On June 6, an individual calling themself “Satanic,” listed data for sale that was allegedly from the Los Angeles Unified School District. The listing, seeking $5,000.00 claimed to include 24 million student records and additional records from employees. At the time, DataBreaches did not post anything about the listing because inspection of the sample data…
Alexa Lardieri reports: A cyberattack on a major American hospital system has caused dangerous medication mix ups including patients administered narcotics by mistake, leading to an admission to intensive care for life-threatening breathing difficulties. In another case, a female patient suffered a cardiac arrest and died after data mishaps delayed test results that would determine her…
Update: Accenture has questioned the truthfulness of the claims. See their statement below the original post. Waqas writes: A hacker is claiming to have extracted contact details of 33,000 current and former employees of the IT giant Accenture in a breach that involves a third-party firm. A hacker known as “888” has recently leaked a…