Joseph Menn and Christopher Bing report: The suspected Russian hackers who used SolarWinds and Microsoft software to burrow into U.S. federal agencies emerged with information about counter-intelligence investigations, policy on sanctioning Russian individuals and the country’s response to COVID-19, people involved in the investigation told Reuters. The hacks were widely publicized after their discovery late…
Category: U.S.
Two more ransomware attacks on the education sector revealed
In August, DataBreaches.net highlighted ransomware threat actors known as Pysa who have been attacking both the medical sector and the education sector — two sectors near and dear to this site’s publisher. Today, we report on two more school districts attacked by Pysa. Consolidated High School District 230 The Consolidated High School District 230 in…
Ransomware actor tries to pressure Allen ISD by emailing parents
Benjamin Freed reports: The malicious actors behind a ransomware attack against a school district in Texas attempted to extract payment this week with what one analyst said appears to be an entirely new tactic: emailing parents of students with a threat that if school officials do not pay up, their kids’ personal information may be…
IL: OSF Healthcare discloses ransomware incident
In May, 2021, DataBreaches.net sent an email inquiry to OSF Healthcare in Illinois after seeing that threat actors known as Xing Team claimed to have attacked them and exfiltrated data. OSF Healthcare never responded to the inquiry. In June, after Xing Team started dumping what appeared to be patient data, DataBreaches.net sent OSF Healthcare a…
It seemed that in the blink of an eye, an Indiana health system was crippled by ransomware
Leeann Doerflein reports: Johnson Memorial Health’s information technology team and the FBI are trying to get to the bottom of a weekend cyber attack that crippled the hospital’s computer network. The hackers gained access to the hospital’s network at 10:31 p.m. Friday and installed ransomware by 10:33 p.m. The hospital’s IT team discovered the attack…
Tesuque Casino reopens Tuesday after September cyberattack
Teya Vitu reports: Tesuque Casino will reopen at 10 a.m. on Tuesday after being shut down since Sept. 25 to deal with a cyberattack and secure the facility from future similar incursions. “As for customer data, nothing was compromised, nothing was breached,” casino interim general manager Floyd Samuel said. The casino lost no money in the…