In October 2023, Deer Oaks Behavioral Health in Texas disclosed a ransomware attack that affected 171,871 patients, which they discovered on September 1, 2023. LockBit3.0 claimed responsibility at the time and leaked data from the incident. Today, HHS OCR announced a settlement with Deer Oaks following an expanded investigation that had been opened after an…
Category: Malware
Nova Scotia Power Data Breach Exposed Information of 280,000 Customers
As previously reported, Nova Scotia Power confirmed that it had been the victim of a ransomware attack in March but had not paid the ransom demands. They declined to publicly name the threat group or individual responsible. Their most recent incident update of June 25 provides some additional information for customers. On July 3, Nova…
SK Telecom to be fined for late data breach report, ordered to waive cancellation fees, criminal investigation into them launched
SK Telecom continues to deal with the substantial consequences of a data breach affecting its 23 million customers. In early April, the telecom reportedly discovered signs of a massive leak of customers’ universal subscriber identity module (USIM) data due to a cyberattack. They offered free replacement of the USIMs to all their 23 million users,…
Hunters International to provide free decryptors for all victims as they shut down (2)
At the beginning of 2025, it appeared that Hunters International was abandoning encrypting victims and was re-branding as World Leaks. But Hunters kept updating their leak site with new encryption incidents instead of going extortion-only and becoming World Leaks. A World Leaks spokesperson subsequently informed DataBreaches that they had parted company with Hunters International over…
DOJ investigates ex-ransomware negotiator over extortion kickbacks
Lawrence Abrams reports: An ex-ransomware negotiator is under criminal investigation by the Department of Justice for allegedly working with ransomware gangs to profit from extortion payment deals. The suspect is a former employee of DigitalMint, a Chicago-based incident response and digital asset services company that specializes in ransomware negotiation and facilitating cryptocurrency payments to receive a…
U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware
Ravie Lakshmanan reports: The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has levied sanctions against Russia-based bulletproof hosting (BPH) service provider Aeza Group to assist threat actors in their malicious activities and targeting victims in the country and across the world. The sanctions also extend to its subsidiaries Aeza International Ltd.,…