Frank Bajak and AP report: Suspected state-backed Chinese hackers used a security hole in a popular email security appliance to break into the networks of hundreds of public and private sector organizations globally, nearly a third of them government agencies including foreign ministries, the cybersecurity firm Mandiant said Thursday. “This is the broadest cyber espionage…
Category: Hack
State governments among victims of MoveIT Transfer breach
Alexander Culafi reports: Illinois, Minnesota and Missouri state governments are among a growing list of organizations attacked via a critical flaw in Progress Software’s MoveIT Transfer product. Progress Software on May 31 detailed an SQL injection bug in its managed file transfer (MFT) software MoveIt Transfer. Progress urged customers to immediately apply mitigations for the…
Maimondes Medical Center notifies 33,000 patients of hacking incident
On April 4, 2023, Maimonides Medical Center (“MMC”) discovered unauthorized access to patient information on one of its servers. Investigation revealed that the hacker had access to the server from March 18, 2023 to April 4, 2023. Information that might have been accessed included names and addresses and limited clinical information, including diagnosis and treatment…
Commonwealth Health Physician Network-Cardiology notified 181,764 patients of network breach
Commonwealth Health Physician Network-Cardiology, also known as Great Valley Cardiology (GVC), has notified 181,764 patients of a network breach that resulted in access to protected health information that included names, addresses and demographic information such as dates of birth; Social Security, driver’s license and passport numbers; credit card or debit card and bank accounts; and…
Rhysida claims to have attacked Paris High School in Illinois
Schools continue to be an attractive and all-too-easy target for criminal groups. This week, Rhysida threat actors added Paris High School in Illinois to their leak site as an “auction” item: There is nothing on the district’s website to indicate any problems or breach. The only possible indicator currently found was on the district’s…
Data breach prompts University of Pittsburgh Medical Center billing contractor to contact 25,000 patients
Kris B. Mamula reports: Some 25,000 University of Pittsburgh Medical Center (UPMC) patients are being contacted by a Tennessee billing contractor following a data breach caused by a software bug that may have exposed names, addresses, social security numbers and other personal information. Kingsport-based Intellihartx LLC, which provides UPMC with billing and collection services, is…