Marco A. De Felice reports: The ransomware group ALPHV (BlackCat) has published a first part of exfiltrated data from the Town of Iowa in the state of Louisiana. Approximately 250 scanned documents in PDF format have been released, some of which contain visible Social Security numbers (SSNs) of employees, employee salaries, balance sheets, birthdates, addresses,…
Category: Hack
Exclusive: Advarra hacked, threat actors threatening to leak data (1)
Advarra describes itself as providing integrated solutions to safeguard trial participants, empowering clinical sites, ensuring compliance, and optimizing research performance for thousands of sponsors, contract research organizations, institutions, academic medical centers, and research consortia that it services. On or about October 25, Advarra was hacked and data was exfiltrated. According to one of the people…
Exclusive: Hackers claim they still have access to Clark County School District (CCSD), and reveal more details about hack and stolen data
When reviews of data breaches in the education sector are written for 2023, they will almost certainly mention the 2022 attack on the Los Angeles Unified School District that wasn’t fully disclosed until 2023 and the Minneapolis Public Schools breach. Both of those incidents involved threat actors leaking sensitive information on students. But any 2023…
IL: Morrison Community Hospital patient data leaked by threat actors
On October 13, BlackCat (AlphV) threat actors first threatened to leak data from Morrison Community Hospital (MCH) in Illinois. Shortly thereafter, the listing was removed, only to be re-listed on October 19 with a claim by BlackCat that because the hospital had not given them a clear response, they were going to leak a little…
South Australian health patients caught up in data breach of third-party platform Personify Care
ABC reports: Thousands of South Australian public health patients are being contacted over a data breach of a third-party run portal. The state government said “unintentional human error” by patient portal Personify Care allowed an “unauthorised third party” to delete a folder used to store patient documents uploaded to an online platform. Department of Health…
Hackers escalate: leak 200k CCSD students’ data; claim to still have access to CCSD email system
Clark County School District (CCSD) in Nevada informed parents and employees that they became aware of a “cybersecurity incident” on October 5. Three weeks later, the district had not fully recovered from the attack and parents were complaining about the district’s lack of transparency about what was stolen in the breach. Disturbingly, while the district…