A whitepaper from the HHS Cybersecurity Program. April 7, 2022 Available online at https://www.hhs.gov/sites/default/files/lapsus-okta-health-sector-tlpwhite.pdf (26 pp, pdf)
Category: Hack
East Tennessee Children’s Hospital updates information on ransomware incident
On March 15, this site noted that the East Tennessee Children’s Hospital had posted a notice about an IT security incident. At the time, they did not identify the incident as a ransomware incident. DataBreaches.net subsequently found some explanation for that notice — a listing on a Russian-language forum offering data from ETCH with numerous…
Ca: SLGA business partners should have figured out on their own that their data may have been stolen: minister
Geoff Leo reports on what sounds like an utterly unsatisfactory response by the government to questions as to why it didn’t directly notify those affected of a breach: The minister responsible for the Saskatchewan Liquor and Gaming Authority (SLGA) says the Crown corporation didn’t directly notify its business partners that their data may have been…
US Government Disrupts Botnet Controlled by Russian Government Hackers
Lorenzo Franceschi-Bicchierai reports: The U.S. government announced on Wednesday that it had disrupted a botnet controlled by Russian government hackers before it could be used to launch cyberattacks. In a press release, the Department of Justice announced that it had copied and removed malware from thousands of infected network firewall devices, which were under the…
Would Sea Mar Community Health even know about large patient data dumps if not for DataBreaches.net?
The chronology of Sea Mar Community Health Center’s responses to a massive data breach suggests that they may be first learning of data dumps because of notifications by DataBreaches.net or this site’s reporting of our discoveries. If true, what does that say about their security and incident response? A DataBreaches.net commentary. Since 2021, DataBreaches.net has…
APT10: These sneaky hackers hid inside their victims’ networks for nine months
Danny Palmer reports: A hacking and cyber espionage operation is going after victims around the world in a widespread campaign designed to snoop on targets and steal information. Identified victims of the cyber attacks include organisations in government, law, religious groups, non-governmental organisations (NGOs), the pharmaceutical sector and telecommunications. Multiple countries have been targeted, including…