Commentaries and Analyses – Page 281

SCOOP: UnitingCare paid hundreds of thousands of dollars to REvil for decryption key and deletion of files

Posted on June 16, 2021 by Dissent

On April 25, UnitingCare Queensland (UCQ) was the victim of a ransomware attack that impacted multiple Queensland hospitals and aged care centres. The next day, they posted a notice on their web site informing people as to what was happening and its impact. And on May 5, they posted a second update where they revealed…

NYS Comptroller DiNapoli Releases School District Audit of East Syracuse-Minoa Central School District – Information Technology (Onondaga County and Madison County)

Posted on June 14, 2021 by Dissent

Summary: Audit Objective Determine whether East Syracuse Minoa Central School District (District) officials established adequate information technology (IT) controls to ensure employees’ personal, private and sensitive information (PPSI) on the financial server was adequately protected from unauthorized access, use and loss. Key Findings District officials did not adequately apply established IT controls to ensure PPSI…

Healthcare entities in Saudi Arabia, Illinois, and Mississippi fall prey to Xing Team

Posted on June 11, 2021 by Dissent

Note: updates to the breaches included in this report appear below the original post. Some threat actors have gained a lot of notoriety while others are lesser known. In this article, DataBreaches.net reports on a relatively unknown group that has been hitting the healthcare sector, “Xing Team.” Like other groups, Xing maintains a dedicated leak…

Arizona Asthma and Allergy Institute Provides Notice of Maze Attack in 2020

Posted on June 11, 2021 by Dissent

An incident initially reported to HHS on May 3 has been updated to 70,372 patients from the initial report of 50,000. The following is the entity’s notice on their web site, and after you read it, I’ll meet you on the other side to explain it more, because they only discovered the breach when DataBreaches.net…

In: Health Ministry Refutes CoWIN Data Leak Claim, Initiates Investigation

Posted on June 11, 2021 by Dissent

Archis Chowdhury reports: The Ministry of Health and Family Welfare refuted the claims around a breach in vaccination data of over 150 million individuals from the CoWIN portal, and termed such claims to be prima facie fake, in a statement issued on Thursday. It also stated that the matter is being further investigated by the…

Cost of ransomware attack on Baltimore County public schools climbs to $7.7M

Posted on June 11, 2021 by Dissent

Lillian Reed reports: Baltimore County school officials estimate the ransomware attack in November will cost the system at least $7.7 million, nearing what Baltimore City spent following a similar attack in 2019. The estimated costs cover a wide range of programs, services, trainings and licenses that helped Maryland’s third-largest school system respond to and recover…