Delta County Memorial Hospital District (Delta Health) in Colorado was the victim of a cyberattack at the end of May 2024. Whatever happened — and the details still haven’t been disclosed — resulted in the provider notifying HHS on July 29 that it had suffered a breach, but the number was not yet known. The…
Category: Commentaries and Analyses
Cover-up Follow-up: Westend Dental starts notifying patients of October 2020 ransomware attack
In December, DataBreaches reported that the Indiana Attorney General’s Office had brought charges against Westend Dental for a number of HIPAA violations. The state had started investigating the dental practice after a patient complained about them not providing a copy of their records in response to a request. In looking into that complaint, the state…
Exclusive: Apex Custom Software hacked, threat actors threaten to leak the software (1)
On January 20, the hackers known as 0mid16B tweeted, “At 7:40AM 20th Jan (US time), a US healthcare software provider has been hacked. All data in server has been deleted. 48 hours left before we publish all data.” The attached screenshot showed a listing of medications, but without any patient information attached. Two days later,…
How Interlock Ransomware Infects Healthcare Organizations
The Hacker News reports on Interlock: The Interlock ransomware group begins its attack with a strategic and highly deceptive method known as a Drive-by Compromise. This technique allows the group to gain initial access to targeted systems by exploiting unsuspecting users, often through carefully designed phishing websites. Initial Attack of the Ransomware# The attack starts…
Let’s Secure Insurance failed to secure their own data storage. Now they have a breach.
Kumar Hemant reports: Let’s Secure Insurance Brokers Pvt Ltd., a prominent Indian insurance brokerage firm, has reportedly fallen victim to ransomware. The perpetrators, identified as the Kill Security (alias KillSec) group, claim to have gained unauthorised access to the company’s data, sparking concerns over potential data breaches. India has increasingly become a focal point for…
PayPal to pay NYS $2M for violating DFS’s Cybersecurity Regulation
January 23, 2025 New York State Department of Financial Services Superintendent Adrienne A. Harris today announced that PayPal, Inc. (PayPal) will pay a $2 million penalty to New York State for violations of DFS’s Cybersecurity Regulation. An investigation determined PayPal failed to use qualified personnel to manage key cybersecurity functions and failed to provide adequate training…