James Rundle reports: New York regulators Monday plan to issue cybersecurity regulations for hospitals, after a series of attacks crippled operations at medical facilities. Under draft rules reviewed by The Wall Street Journal, New York will require general hospitals to develop and test incident response plans, assess their cybersecurity risks and install security technologies such…
Category: U.S.
Time’s up: SingularityMD sets up to sell data from Jeffco Public Schools
It looks like “SingularityMD,” the hacker(s) of Clark County School District in Nevada and Jeffco Public Schools in Colorado, are looking to start selling the data they exfiltrated. In an introductory post today on Breach Forums, they write: We are SingularityMD. We specialize in low sophistication corporate network infiltration. We are behind the following hacks…
Butte School District shuts down computer network after system compromised
John Emeigh reports: The Butte School District was forced to shut down its computer system this week to investigate an unknown breach of the network that serves all the public schools in the city. “All I can say is that we’re still investigating the issue and we do not have any clear information of what…
McLaren Health Care notifying 2.2 million patients about the BlackCat attack in August
On September 30, AlphV threat actors (aka BlackCat) added McLaren Health Care to their dark web leak site. They updated their listing on October 4, claiming to have data on 2.5 million people. That same week, McLaren confirmed that they had been the victim of a ransomware attack it first detected on August 22. Michigan’s…
PJ&A data breach also affected millions of Northwell Health patients (1)
News12 on Long Island reports that the Perry Johnson & Associates (PJ&A) breach reported previously on this site has also affected Northwell Health, a major health system on Long Island. PJ&A is the same medical transcription service vendor whose breach affected 1.2 million patients of Cook County Health in Illinois. That health system was notified…
Paging regulators to Aisle 4 to look at Pacific Union College’s data security and breach disclosure
On November 8, Pacific Union College in California notified the Maine Attorney General’s Office of a breach in March 2023 that impacted 56,041 people. Their notification, submitted by external counsel at McDonald Hopkins, indicates that the breach occurred between March 5 and March 19, 2023 and was discovered on October 9, 2023. That discovery date…