An interesting press release from the South East Regional Organised Crime Unit (SEROCU): Around £1.9 million worth of stolen cryptocurrency is to be paid back to victims of theft as a result of work by the South East Regional Organised Crime Unit (SEROCU). On 27 January this year, 40-year-old Wybo Wiersma, of Het Weike, Goredijk,…
Category: Commentaries and Analyses
Paging regulators to Aisle 4 to look at Pacific Union College’s data security and breach disclosure
On November 8, Pacific Union College in California notified the Maine Attorney General’s Office of a breach in March 2023 that impacted 56,041 people. Their notification, submitted by external counsel at McDonald Hopkins, indicates that the breach occurred between March 5 and March 19, 2023 and was discovered on October 9, 2023. That discovery date…
Bitter Pill: Third-Party Pharmaceutical Vendor Linked to Pharmacy and Health Clinic Cyberattack
Team Huntress writes: In a concerning development within the healthcare sector, Huntress has identified a series of unauthorized access that signifies internal reconnaissance and preparation for additional threat actor activity against multiple healthcare organizations. The attackers abused a locally hosted instance of a widely-used remote access tool, ScreenConnect—utilized by the company Transaction Data Systems (which…
OFAC Sanctions Russian National Ekaterina Zhdanova for Using Cryptocurrency to Launder Money on Behalf of Russian Elites and Ransomware Groups
The Chainanalysis Team writes: On November 3, 2023, the United States Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Russian national Ekaterina Zhdanova for using cryptocurrency to launder money on behalf of Russian elites, ransomware groups, and other bad actors. Below, we’ll explore the three Bitcoin addresses included in OFAC’s designation that she used…
Attorney General James Secures $450,000 from US Radiology Specialists for failing to protect patient data
The following press release from the NYS Attorney General’s Office relates to an incident previously noted on DataBreaches.net. The Assurance of Discontinuance provides details on the breach not previously known to this site and serves as a reminder of the need to timely update and patch. NEW YORK – New York Attorney General Letitia James…
FBI: Ransomware Actors Continue to Gain Access through Third Parties and Legitimate System Tools
FBI Private Industry Notification TLP:CLEAR November 7, 2023 Summary The Federal Bureau of Investigation (FBI) is releasing this Private Industry Notification to highlight ransomware initial access trends and encourage organizations to implement the recommendations in the “Mitigations” section to reduce the likelihood and impact of ransomware incidents. Threat As of July 2023, the FBI noted…