Aultman Health Foundation Notifying Patients of Insider-Wrongdoing The Ohio foundation is notifying approximately 7,000 patients that a former employee accessed their records without business need. HOYA Optical Labs of America Notifying Patients of Ransomware Incident As first reported by HealthITSecurity, the Japanese-headquartered firm notified 3,259 U.S. patients of a ransomware incident. The incident occurred in…
Category: Commentaries and Analyses
HSE seeks order to help find who uploaded or downloaded files stolen in cyberattack
Ann O’Loughlin reports: Over 20 people either uploaded or downloaded confidential information stolen in last month’s cyberattack on the HSE onto a web service provided by a Google-owned internet security firm, the High Court has heard. Mr Justice Tony O’Connor was told on Friday that late last month approximately 27 files stolen from the HSE…
Facebook Pays $6.5 Million to End Fee Fight in Breach Case
David McAfee reports: Facebook Inc. will pay $6.5 million to class counsel in a lawsuit that alleged the company’s negligence allowed hackers to obtain user information via software bugs, ending a dispute over attorneys’ fees. The parties reached an agreement prior to a hearing scheduled for Thursday, they told Judge William Alsup. The amount is described…
Arrested Clop gang members laundered over $500M in ransomware payments
Catalin Cimpanu reports: The members of the Clop ransomware gang that were arrested last week in Ukraine as part of an international law enforcement action also operated money laundering services for multiple cybercrime groups. According to cryptocurrency exchange portal Binance, the group engaged in both cyber-attacks and “a high-risk exchanger” that laundered funds for the Clop ransomware…
Data breaches: Most victims unaware when shown evidence of multiple compromised accounts
The implications of this research report are somewhat disheartening — but also important. If even with media coverage, notification laws, and HaveIBeenPwned, people STILL don’t know that their info has been caught up in multiple breaches, we need to do more educating. It’s been nine years since the LinkedIn data breach, eight years since Adobe…
LV Ransomware Group Repurposed REvil Binary, Researchers Find
Dennis Fisher reports: Researchers have discovered that the LV ransomware that has been in use since late 2020 is actually a modified version of the REvil ransomware binary that is being distributed by a separate threat group. An analysis of the LV ransomware binary by Secureworks Counter Threat Unit researchers shows that LV is a version of…