Commentaries and Analyses – Page 44

Data allegedly from Change Healthcare ransomware attack raises more questions than answers (1)

Posted on April 16, 2024 by Dissent

UPDATE: Sometime earlier today, after my communication with RansomHub, they removed the April 15 update described in the post from their listing. It has now been replaced with a note: Change HealthCare – OPTUM Group – United HealthCare Group – FOR SALE The data in now for sale. Anyone interested in the purchase should contact…

Minneapolis therapy clinic sues over cyberattack at UnitedHealth subsidiary

Posted on April 14, 2024 by Dissent

Christopher Snowbeck reports on how the Change Healthcare attack has affected one clinic in Minnesota. His report provides a good illustration of the issues raised by a recent AMA survey of some physicians, reported here previously. From his reporting: Twin Cities Counseling says it hasn’t been able to submit payment claims for more than 100…

Threat actors walked away from a $1.8 million offer because the victim talked to the media?! (1)

Posted on April 4, 2024 by Dissent

A recent listing on LockBit’s leak site about Crinetics Pharmaceuticals seemed unusual. It included a disclaimer: “Those responsible for the exfiltration of data belonging to this victim have no association, indirect or direct, with the Lockbit group.” If those who exfiltrated the data had no association with LockBit, why was the listing on LockBit’s site?…

Cyber Safety Review Board Releases Report on Microsoft Online Exchange Incident from Summer 2023

Posted on April 4, 2024 by Dissent

CSRB’s Third Review Focuses on Actions Microsoft, Other Cloud Providers, and the U.S. Government Should Take to Protect Cloud Customers WASHINGTON – Today, the U.S. Department of Homeland Security (DHS) released the Cyber Safety Review Board’s (CSRB) findings and recommendations following its independent review of the Summer 2023 Microsoft Exchange Online intrusion. The review detailed operational and…

Cybercriminals Abused Remote Desktop Protocol (RDP) in 90% of Attacks Handled by Sophos Incident Response in 2023

Posted on April 3, 2024 by Dissent

Some more analysis of 2023 breaches. Sophos reports that for more than 150 incident response (IR) cases it handled in 2023, cybercriminals abused remote desktop protocol (RDP) in 90% of attacks. This was the highest incidence of RDP abuse since Sophos began releasing its Active Adversary reports in 2021, covering data from 2020. In addition,…

Grassley, Wyden Probe Data Breach that Exposed 1.5 Million Organ Transplant Patients’ Sensitive Data

Posted on March 28, 2024 by Dissent

AJ Taylor reports: Sens. Chuck Grassley (R-Iowa) and Ron Wyden (D-Ore.) are holding the United Network for Organ Sharing (UNOS) accountable after a data breach allowed UNOS system users unauthorized access to over a million sensitive patient records. This technology breakdown is the latest in a string of failures at UNOS, which for 40 years…