The Justice Department today unsealed two indictments charging a Russian national and resident with using three different ransomware variants to attack numerous victims throughout the United States, including law enforcement agencies in Washington, D.C. and New Jersey, as well as victims in healthcare and other sectors nationwide. According to the indictment obtained in the District…
Category: Commentaries and Analyses
Our Definition of Harm Is Harmful
Bill Fitzgerald writes: In April 2023, the class action lawsuit against Illuminate Education was thrown out because the judge in the case determined that the people whose data was impacted by the breach could not show any harm, or any instances of identity theft, from the breach. This decision is both fully in line with past situations…
Ransomware corrupts data, so backups can be faster and cheaper than paying up
Simon Sharwood reports: Ransomware actors aim to spend the shortest amount of time possible inside your systems, and that means the encryption they employ is shoddy and often corrupts your data. That in turn means restoration after paying ransoms is often a more expensive chore than just deciding not to pay and working from our…
CrowdStrike finds new ransomware-as-a-service group targeting VMWare ESXi servers (5 tips to fight back)
Nancy Liu reports: CrowStrike discovered a new ransomware-as-a-service (RaaS) group — MichaelKors (formerly Qilin) — targeting VMWare ESXi servers since last month. The VMWare ESXi is a hypervisor that runs and manages virtual machines (VMs) directly on a dedicated host’s hardware. The products associated with the ESXi platform include VMware vSphere Hypervisor, vCenter, ONE Access or Identity…
North Korean Crypto Thefts Surpass $2.5 Billion
Coingape reports: North Korean hackers have stolen $721 million from Japan since 2017, accounting for 30% of the crypto thefts worldwide. According to a study by a U.K.-based compliance specialist, North Korea employs hacking and ransomware to steal crypto assets, especially in Japan, Vietnam and Hong Kong, the leading Asian crypto hubs. Lazarus Group, a North Korean-based hacker group’s…
Ransomware attack on PharMerica affected 5.8 million patients
While the Fortra/GoAnywhere data breach by Clop is shaping up to be the biggest, or one of the biggest, breaches affecting HIPAA-covered entities and business associates in 2023, an attack by Money Message on PharMerica is currently the largest single breach reported so far this year, with almost 6 million affected. On April 8, DataBreaches…