Citing a July 30 report in The Hacker News, SC Media reports: Following recent arrests of alleged Scattered Spider members in the UK, Google Cloud’s Mandiant Consulting has reported a noticeable pause in the group’s activities, offering a “critical window of opportunity” for organizations to bolster their defenses, reports The Hacker News. THN had reported,…
Category: Commentaries and Analyses
Follow-up: Qilin responds to claims by affiliate and leak by competitor
Several days ago, we noted a report on GBHackers that described what they characterized as a significant security breach within the Qilin ransomware operation. Over on SuspectFile, Marco A. De Felice was able to get a statement from Qilin in response to the claims. Actually, he got three statements. The first two were specific to…
Are Scattered Spider and ShinyHunters one group or two? And who did France arrest? (1)
When DataBreaches was a kid, the “new math” they were experimenting with had us learning binary and other systems. It didn’t go over well with us, our teachers, or our parents back then. Now the “new math” for me is UNCs — specifically 6040, 5537, 3944, and 6240. 6040+5537+3944 +6240 = Scattered Spider + ShinyHunters…
Aftermath: More than 99% of providers opted to have Change Healthcare notify patients of its massive data breach
The Change Healthcare data breach affecting more than 190 million patients, stands as the largest single breach ever affecting patients. Threat actors known as BlackCat (aka AlphV) had reportedly used a set of stolen credentials to remotely access the company’s systems that weren’t protected by multifactor authentication. Confronted with a massive breach, UnitedHealth decided to…
Six months after discovering an attack, Northwest Radiologists notifies almost 350,000 Washington State residents
On January 20, 2025 Mt. Baker Imaging and Northwest Radiologists in Washington State (collectively, “Northwest Radiologists”) experienced a network intrusion that they discovered on January 25. Although media reported on the incident on January 27, it was not until March 26 that Northwest Radiologists posted a notice on its website (archived). DataBreaches could find no…
As ransomware gangs threaten physical harm, ‘I am afraid of what’s next,’ ex-negotiator says
Jessica Lyons reports: Ransomware gangs now frequently threaten physical violence against employees and their families as a way to force victim organizations into paying their demands. According to a survey of 1,500 security and IT professionals conducted by Censuswide on behalf of security firm Semperis, digital intruders are still holding more traditional threats of system lockouts (52…