On November 21, the Cactus ransomware gang added Petersen Health Care to its leak site. The listing has been updated since then. As proof of claims, Cactus leaked several screenshots of identity documents like passports. They did not indicate whether these were employee documents or patient-related documents, although it would be more likely if they…
Category: U.S.
AHA opposes HHS’ plan for cybersecurity fines
Naomi Diaz reports: The American Hospital Association said HHS’ plan to levy financial penalties in the event of a cyberattack on a healthcare organization would be counterproductive. In a Dec. 6 statement, the AHA said it is advocating for the HHS to review its proposal that requires healthcare organizations to be compliant with new cybersecurity requirements and…
Attorney General James Secures $400,000 from Dental Insurance Provider for Failing to Protect Patient Data
Chris Boyle reports: New York Attorney General Letitia James today secured $400,000 from one of New York’s largest dental insurance providers, Healthplex, Inc. (Healthplex), for failing to properly protect the personal and medical information of New Yorkers. Healthplex, a Long Island-based company, had inadequate data security practices that made it susceptible to a data breach attack…
Alleged Chinese cyberattacks target US power and water systems
Duncan Riley reports: U.S. government officers and cybersecurity experts are warning that the Chinese military is allegedly attempting to infiltrate critical infrastructure, including power and water utilities and transportation systems in the U.S. The Washington Post reported, referencing unnamed officials and security experts, that hackers allegedly affiliated with China’s People’s Liberation Army have burrowed into the…
Ransomware Group Publishes Stolen Medical Data
Paul Sisson reports: Though Tri-City Medical Center got its operations back up and running 17 days ago, ransomware extortion efforts appear to be ongoing against the Oceanside hospital. Earlier this week, a cybersecurity expert noted in a message on X, formerly called Twitter, that “INC RANSOM”, a well known group of cyber extortionists, announced its possession of records stolen…
Disgruntled Cloud Engineer Sentenced to Two Years in Prison for Intentionally Damaging His Former Employer’s Computer Network After He Was Fired
Miklos Daniel Brody Retaliated Against His Former Employer, a Bank, by Damaging the Bank’s Cloud System and Stealing Valuable Computer Code SAN FRANCISCO – Miklos Daniel Brody was sentenced to 24 months in prison today for a network intrusion and for making false statements to a government agency, announced United States Attorney Ismail J. Ramsey…