On February 26, Arizona Complete Health notified plan members of the Accellion breach. According to the notification (see below), the threat actors (who have since self-identified as CLOP) were able to “view or save” member information between January 7 and January 25, 2021. The types of ePHI involved included insured members’ name and one or…
Category: Malware
Ransomware attack on Pimpri Chinchwad Smart City servers managed by Tech Mahindra
The Economic Times reports: Pimpri-Chinchwad Municipal Corporation Smart City said on Monday that it had not suffered any data loss due to a ransomware attack late last month and that it had also not paid ransom to the hackers. This is perhaps the first known instance of a cyberattack on a Smart City project, which…
UK: South Gloucestershire schools hit by ransomware attack
Huw Mabe reports: A number of schools in South Gloucestershire have been left without access to their IT systems after being subjected to a targeted ransomware attack. All schools in the Castle School Education Trust are affected, including Castle School and Marlwood School. Read more on Gazette.
Ca: Coleman Group says it caught cyberattack in progress that may have accessed employee files
Mike Moore reports: The Coleman Group of Companies says it was the target of a cyberattack in late February and has reason to believe some of its human resources and payroll files were accessed. According to the company, those files contain names, addresses, social insurance numbers and banking information of employees both past and present. Greg Gill,…
The Metropolitan Area of Barcelona hit by ransomware
Juan Ranchal reports (translation): The Metropolitan Area of Barcelona, AMB, has suspended its digital services after suffering a computer attack that is suspected of being a Ransomware like the recent one from SEPE. “For external reasons, the AMB systems have been affected and electronic processing, other digital services and updating the website are not available,” this administrative body…
21 months after a ransomware attack, a business associate breach first shows up on HHS’s breach tool. Here’s why.
HIPAA Journal reports on an incident that is illustrative of the challenges entities may face in the wake of a ransomware attack — determining whether a breach is a reportable incident or not. It also illustrates what may happen if an entity decides something is not a reportable breach but further investigation by the U.S….