Settlement with Northeast Surgical Group marks OCR’s 10th ransomware enforcement action and 4th enforcement action in OCR’s Risk Analysis Initiative. Today the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement with Northeast Surgical Group, P.C. (NESG), a provider of surgical services in Michigan, for a potential violation…
Category: Malware
New Amazon Ransomware Attack—‘Recovery Impossible’ Without Payment
Davey Winder reports: Ransomware is a cybersecurity threat that just won’t go away. Be it from groups such as those behind the ongoing Play attacks, or kingpins such as LockBit returning from the dead the consequences of falling victim to an attack are laid bare in reports exposing the reach of ransomware across 2024. A new ransomware threat, known as…
UK floats ransomware payout ban for public sector
Connor Jones reports: A total ban on ransomware payments across the public sector might actually happen after the UK government opened a consultation on how to combat the trend of criminals locking up whole systems and taxpayers footing the bill. The consultation will consider views on extending the ransom payment ban from central government departments…
Two ransomware groups claimed they attacked Rutherford County Schools. One leaked sensitive records. (UPDATED)
From the “Wait-What-Happened-Here Dept:” On October 19, the Black Suit ransomware group announced that they had attacked Rutherford County Schools in Tennessee. Their listing, posted on their dark web site, included what appears to be an indication of what data and how much data they were able to exfiltrate. It did not indicate whether they…
Westend Dental agrees to pay Indiana $350K and to implement corrective action plan to settle charges of multiple HIPAA violations
TechCrunch recently did its annual write-up of badly handled data security incidents. The following wasn’t in it but is one of the worst security and privacy failures that I’ve ever read, and that’s saying a lot. This case stems from a ransomware attack by Medusa Locker in October 2020 that is first being seriously addressed…
Pittsburgh Regional Transit dealing with ransomware attack that slowed light rail system last week
One unfortunate holiday tradition seems to be that ransomware groups will attack at holiday times when entities are less likely to have full IT support from staff. One attack, however, reportedly started last week. Ed Blazina reports: What Pittsburgh Regional Transit last week thought was a computer glitch that affected rail service has turned out…