Ellen Whinnet reports: A ransomware gang is claiming to have breached a Sydney cancer hospital, and is threatening to release data unless payment is made. NSW Health confirmed it was aware of the threats made against the Crown Princess Mary Cancer Centre at Westmead Hospital, and was investigating. The global ransomware gang Medusa posted on…
Category: Health Data
Brightline continues notifying clients of GoAnywhere incident; count continues to rise (more than 1 million)
Updated May 3: When DataBreaches checked Clop’s leak site today, the listing for Brightline was gone. Whether this means that they paid Clop to get it removed, or if its removal is just temporary remains to be seen. But out of all the health-related Fortra clients this site reported on in April, the Brightline listing…
TN: Murfreesboro Medical Clinic remains closed due to cyberattack
Update of May 6: Although neither the clinic nor the attackers have confirmed it yet, this attack appears to be the work of BianLian, whose obfuscated description on their leak site matches Murfreesboro’s description. BianLian claims to have over 250 GB of files. Carmyn Gutierrez and Caleb Wethington report: The Murfreesboro Medical Clinic & SurgiCenter was…
IT giant Bitmarck shuts down customer, internal systems after cyberattack
Jessica Lyons Hardcastle reports: German IT services provider Bitmarck has shut down all of its customer and internal systems, including entire datacenters in some cases, following a cyberattack. The company, one of the largest service providers for German health insurers, said no customer, patient, or insured individuals’ data had been accessed in the security breach…
HC3: Sector Alert Report: New Data Breaches from Cl0p and Lockbit Ransomware Groups
April 28, 2023 New Data Breaches from Cl0p and Lockbit Ransomware Groups Executive Summary Ransomware-as-a-service (RaaS) groups Cl0p and Lockbit recently conducted several distinct attacks, exploiting three known vulnerabilities (CVE-2023-27351, CVE-2023-27350, and CVE-2023-0669). The Cybersecurity and Infrastructure Security Agency (CISA) added the latter two vulnerabilities to its Known Exploited Vulnerabilities Catalog but has not yet…
U. of Iowa Health Care denies sharing patient data with Facebook, but are they right?
DataBreaches never accused U. of Iowa Health Care of sharing patient data with Facebook, but it seems that someone did. Clark Kaufmann reports: The University of Iowa Hospitals & Clinics is denying that it shares any confidential patient information with Facebook. Last week, lawyers for an Iowa woman, Eileen Yeisley, filed suit against UIHC in…