Jessica Kim Cohen reports: The latest data from the Human Services Department’s Office for Civil Rights show the largest number of healthcare data breaches in a year since regulators started tallying them in 2010. This year’s total beat last year’s by a single incident. These breaches didn’t affect as many patients as the worst year…
Category: Commentaries and Analyses
A reset on ransomware: Dominant variants differ from prior years
As seen on Intel471’s blog: There’s been a shift in the ransomware-as-a-service ecosystem. Be it due to law enforcement, infighting amongst groups or people abandoning variants altogether, the RaaS groups dominating the ecosystem at this point in time are completely different than just a few months ago. Yet, even with the shift in the variants,…
Ransomware Advisory: Log4Shell Exploitation for Initial Access & Lateral Movement
Vitali Kremez & Yelisey Boguslavskiy write: This redacted report is based on our actual proactive victim breach intelligence and subsequent incident response (not a simulated or sandbox environment) identified via unique high-value Conti ransomware collections at AdvIntel via our product “Andariel.” This is a redacted TLP:WHITE version of the larger AdvIntel findings. Read their report…
Resource: Ransomware attacks on healthcare sector (CyberPeace Institute)
CyberPeace Institute has made a ransomware incident tracer publicly available. The not-for-profit organization compiled and analyzed 295 cyberattacks against the healthcare sector across 35 countries from June 2020 until now. You can access their data and analyses at https://cit.cyberpeaceinstitute.org/explore
US schools leaked 28.6 million records in 1,851 data breaches since 2005
Sam Cook reports: Since 2005, K–12 school districts and colleges/universities across the US have experienced over 1,850 data breaches, affecting more than 28.6 million records. Our team of researchers analyzed data over the past 15 years to find out where the hot spots are, the biggest causes of these breaches, and how many students have…
Desjardins reaches $200M class action settlement in wake of data breach
The Canadian Press reports that Mouvement Desjardins has reached a $200-million settlement with plaintiffs in a class action suit launched after a massive data breach in June 2019. The settlement has to be approved by the Superior Court of Quebec. Read more at Montreal Gazette. A press release issued by plaintiffs’ counsel states, in part:…