Joseph Cox and Lorenzo Franceschi-Bicchierai report: Hackers linked to the crippling NotPetya ransomware attack, which encrypts files on infected machines, have proved to Motherboard they have the ability to decrypt some locked files. Security researchers have spent much of the last week debating whether victims of NotPetya will ever get their files back, with many…
Category: Malware
While investigating one ransomware attack, Walnut Place hit with second attack
On May 12, I posted a press release from Walnut Place about a ransomware attack that had occurred in January. Their press release did not disclose that they had become aware of a second ransomware attack on May 6. A new press release, dated today, does: On March 13, 2017, Walnut Place leadership was informed…
Two charged with running hacking service used in ‘major computer intrusions’ of U.S. businesses
Rachel Weiner reports: Two men from Latvia ran a malware service that has been in operation for more than a decade and used in major attacks against U.S. businesses, according to an indictment unsealed Wednesday in federal court in Alexandria, Va. The men, along with an alleged co-conspirator in Virginia, designed a buffet of hacking…
Hackers Connected to NotPetya Ransomware Surface Online, Empty Bitcoin Wallet
Lorenzo Franceschi-Bicchierai reports: Hackers connected to the disruptive world-wide ransomware attack that crippled Ukraine and hit computers all over the world have surfaced online. Bitcoin sent to the hackers by victims has been moved from an online wallet, and someone seemingly connected to the group is now asking for more money. On June 28, unknown…
So many notifications due to ransomware, but are these really necessary?
Another entity has recently notified patients whose protected health information was on a server infected with ransomware. Once again, even though investigation turned up no evidence that any patient’s PHI was actually accessed or exfiltrated, entities are notifying – on the side of caution and/or because HHS requires them to in the absence of firm…
Cove Family & Sports Medicine recovers from ransomware, but loses some data
There are different metrics for describing the impact of a breach, but one of the ones I use in my subjective system is whether patient data that might be needed for care have been lost, stolen, or corrupted. In June, there were a lot of data breaches or security incidents and many involved ransomware. One…