After the Medusa gang reportedly demanded a $2 million ransom from UK healthcare and community services provider HCRG Care Group, HCRG confirmed they had a breach and said they were investigating. But they did not confirm that patient and employee data was affected and they did not confirm that files had been encrypted. On February…
Category: Commentaries and Analyses
UK: More details emerge about ransomware attack on HCRG by Medusa
In a recent report in The Register about an attack by Medusa on HCRG in the U.K., Iain Thomson reported, “For now, then, HCRG is still operational – a stark contrast to what happened in Texas last year, when the University Medical Center in Lubbock was forced to severely limit operations and turn away ambulances following…
No need to hack when it’s leaking, Monday edition: TeammateApp
Another day, another leak, another inaccurate claim by an entity, and another inappropriate attack on a researcher. Buckle up. TeammateApp is not the sort of entity that DataBreaches usually reports on. DataBreaches decided to report on a data leak they reportedly experienced because once again, a well-intended researcher appears to have been falsely accused of…
HHS Office for Civil Rights Imposes a $1,500,000 Civil Money Penalty Against Warby Parker in HIPAA Cybersecurity Hacking Investigation
There is a follow-up to a breach previously reported on DataBreaches.net in December 2018. February 20 — Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a $1,500,000 civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of prescription and non-prescription eyewear, concerning violations of…
Meet NailaoLocker: a ransomware distributed in Europe by ShadowPad and PlugX backdoors
Marine Pichon and Alexis Bonnefoi of Orange Cyberdefense report: Last year, Orange Cyberdefense’s CERT investigated a series of incidents from an unknown threat actor leveraging both ShadowPad and PlugX. Tracked as Green Nailao (“Nailao” meaning “cheese” in Chinese – a topic our World Watch CTI team holds in high regard), the campaign impacted several European organizations, including in the healthcare vertical, during…
Signals of Trouble: Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger
Dan Black of Google’s Threat Intelligence Group writes: Google Threat Intelligence Group (GTIG) has observed increasing efforts from several Russia state-aligned threat actors to compromise Signal Messenger accounts used by individuals of interest to Russia’s intelligence services. While this emerging operational interest has likely been sparked by wartime demands to gain access to sensitive government…