In April, Jim Walter of SentinelOne wrote an article about how some ransomware affiliates were teaming up with others to get paid if they had been cheated by previous partners. Perhaps the best-known recent example of this occurred after ALPHV allegedly secured a $22 million ransoms from Change Healthcare and then absconded with the money…
Category: Commentaries and Analyses
Turning the tables: two gangs’ opsec fails exposed data; good guys deleted it
Yesterday’s Risky Biz News reported that threat intel firm DarkAtlas says it gained access to one of the Rclone data exfil servers used by the Medusa ransomware group. How many times have researchers uncovered exposed data and warned that threat actors might be able to acquire, manipulate, or delete data? In today’s post, we read…
ICO reprimands the Electoral Commission after cyber attack compromises servers
The U.K.’s Information Commissioner’s Office issued the following statement today: We have issued a reprimand to the Electoral Commission after hackers gained access to servers that contained the personal information of approximately 40 million people. In August 2021, hackers successfully accessed the Electoral Commission’s Microsoft Exchange Server by impersonating a user account and exploiting known…
Curbing liabilities for hacked health systems
Daniel Payne, Ben Leonard, and Chelsea Cirruzzo report: THE LIABILITY QUESTION — State lawmakers, concerned by what they consider to be overreaching class-action lawsuits against health care organizations over data breaches, are moving to curb liability for them, Ben reports. Tennessee is the latest in a string of states to move to reduce liability for organizations that adopt…
Northeast Rehabilitation Hospital Network’s “incident” was a ransomware attack with data leaked, but they haven’t said that.
Northeast Rehabilitation Hospital Network (“NRHN”) is a comprehensive network of physical rehabilitation services that includes four inpatient hospitals and 25+ outpatient rehabilitation clinics. It also provides pain management and specialized pediatric outpatient rehabilitation. On July 19, NRHN notified the U.S. Department of Health & Human Services (HHS) of a “hacking/IT incident” that affected 501 patients. The “501” is…
North Korean Hackers Targeted Cybersecurity Firm KnowBe4 with Fake IT Worker
James Coker reports: Cybersecurity awareness training company KnowBe4 has revealed it was duped into hiring a fake IT worker from North Korea, resulting in attempted insider threat activity. The malicious activity was identified and prevented before any illegal access was gained or any data was compromised on KnowBe4 systems. In a blog published on July 23,…