NetWalker ransomware operators have added Crozer-Keystone Health System to their list of victims who have not paid their ransom demands. In a post on the threat actors’ website today, they note that they will start dumping data in six days if the Pennsylvania-based health system does not meet their demands. Their public threat does not…
Category: U.S.
Defense analyst sentenced to prison for media leaks
A former counterterrorism analyst who leaked classified information to two journalists, including one he was dating, has been sentenced to two and a half years in prison, the U.S. Department of Justice said in a statement Thursday. Henry Kyle Frese was employed by the Defense Intelligence Agency in 2018 and 2019. Prosecutors said he shared…
U.S. Deports Russian Hacker Convicted Of Stealing Almost $1 Million
There’s an update to a case previously noted on this site. From RadioFreeEurope/RadioLiberty: The United States has deported a Russian hacker who was sentenced to 48 months in prison for stealing hundreds of thousands of dollars from online banking accounts using malicious software known as NeverQuest. Officials from the Russian Embassy in the United States…
Suspected UMPC hacker accused of stealing employee data from 65,000 UPMC employees arrested in Detroit
Torsten Ove reports: A man accused of hacking the human resources databases at the University of Pittsburgh Medical Center starting in 2014 and stealing the data of 65,000 employees was arrested Tuesday in Detroit. Justin Sean Johnson is under indictment in Pittsburgh on charges of conspiracy, wire fraud and aggravated identity theft in connection with…
Care New England website remains down; no evidence found of data exfiltration
Brian Amaral provides an update on what sounds like a ransomware attack: Care New England’s investigation into ongoing IT problems hasn’t turned up any evidence of unauthorized access to patient information, the nonprofit’s president and CEO said Wednesday. Dr. James Fanale said Care New England, which includes Kent Hospital, Women & Infants Hospital and Butler…
Cognizant reports the April ransomware attack to California
Lawrence Abrams reports: On April 17th, Cognizant began emailing their clients to warn them that they were under attack by the Maze Ransomware so that they could disconnect themselves from Cognizant and protect themselves from possibly being affected. This email also contained indicators of compromise that included IP addresses utilized by Maze and file hashes for the kepstl32.dll,…