Commentaries and Analyses – Page 20

Delta County Memorial Hospital District reveals more about 2024 cyberattack that affected 148,363 people

Posted on February 3, 2025 by Dissent

Delta County Memorial Hospital District (Delta Health) in Colorado was the victim of a cyberattack at the end of May 2024. Whatever happened — and the details still haven’t been disclosed — resulted in the provider notifying HHS on July 29 that it had suffered a breach, but the number was not yet known. The…

Cover-up Follow-up: Westend Dental starts notifying patients of October 2020 ransomware attack

Posted on February 2, 2025February 2, 2025 by Dissent

In December, DataBreaches reported that the Indiana Attorney General’s Office had brought charges against Westend Dental for a number of HIPAA violations. The state had started investigating the dental practice after a patient complained about them not providing a copy of their records in response to a request. In looking into that complaint, the state…

Exclusive: Apex Custom Software hacked, threat actors threaten to leak the software (1)

Posted on January 30, 2025February 1, 2025 by Dissent

On January 20, the hackers known as 0mid16B tweeted, “At 7:40AM 20th Jan (US time), a US healthcare software provider has been hacked. All data in server has been deleted. 48 hours left before we publish all data.” The attached screenshot showed a listing of medications, but without any patient information attached. Two days later,…

How Interlock Ransomware Infects Healthcare Organizations

Posted on January 29, 2025 by Dissent

The Hacker News reports on Interlock: The Interlock ransomware group begins its attack with a strategic and highly deceptive method known as a Drive-by Compromise. This technique allows the group to gain initial access to targeted systems by exploiting unsuspecting users, often through carefully designed phishing websites. Initial Attack of the Ransomware# The attack starts…

Let’s Secure Insurance failed to secure their own data storage. Now they have a breach.

Posted on January 27, 2025January 27, 2025 by Dissent

Kumar Hemant reports: Let’s Secure Insurance Brokers Pvt Ltd., a prominent Indian insurance brokerage firm, has reportedly fallen victim to ransomware. The perpetrators, identified as the Kill Security (alias KillSec) group, claim to have gained unauthorised access to the company’s data, sparking concerns over potential data breaches. India has increasingly become a focal point for…

PayPal to pay NYS $2M for violating DFS’s Cybersecurity Regulation

Posted on January 23, 2025 by Dissent

January 23, 2025 New York State Department of Financial Services Superintendent Adrienne A. Harris today announced that PayPal, Inc. (PayPal) will pay a $2 million penalty to New York State for violations of DFS’s Cybersecurity Regulation. An investigation determined PayPal failed to use qualified personnel to manage key cybersecurity functions and failed to provide adequate training…