Aditya Raghuwanshi reports: NASCAR’s cybersecurity defenses were put to the test earlier this year, and now the sport has confirmed what had long been rumored: a ransomware group successfully breached its internal systems in March 2025. The attack, carried out by the Medusa group, reportedly resulted in over 1 terabyte of sensitive data being stolen—including…
Category: Malware
Infinite Services notifying employees and patients of limited ransomware attack
On May 5, 2025, Infinite Services in New York became aware of suspicious activity when employees were unable to log into the network. “Several servers were off, but one remained on which had an extension from the threat actor group,” external counsel SpencerFane informed the New Hampshire Attorney General. “The electricity was unplugged from the…
BlackSuit ransomware site seized as part of Operation Checkmate
The BlackSuit ransomware operation has been disrupted by coordinated international law enforcement. A splash screen appeared on their leak site this week: THIS DOMAIN HAS BEEN SEIZED This site has been seized by U.S. Homeland Security Investigations as part of a coordinated international law enforcement investigation. OPERATION CHECKMATE Numerous agencies were involved in Operation Checkmate,…
Korea imposes 343 million won penalty on HAESUNG DS for data breach of 70,000 shareholders
Kim Su-jeong reports: The Personal Information Protection Commission announced on the 24th that it imposed a penalty surcharge of 343 million won [USD $250,136.73] on HAESUNG DS, a semiconductor parts company, after it left vulnerabilities in its network security equipment unattended, resulting in a hacker attack that leaked personal information of over 70,000 shareholders. According…
HHS OCR Settles HIPAA Ransomware Investigation with Syracuse ASC for $250k plus corrective action plan
Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement with Syracuse ASC, LLC doing business as Specialty Surgery Center of Central New York, for potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security and Breach Notification Rules. Syracuse ASC is a…
#StopRansomware: Interlock
Actions for Organizations to Take Today to Mitigate Cyber Threats Related to Interlock Ransomware Activity Prevent initial access by implementing domain name system (DNS) filtering and web access firewalls, and training users to spot social engineering attempts. Mitigate known vulnerabilities by ensuring operating systems, software, and firmware are patched and up to date. Segment networks…