From the “Wait-What-Happened-Here Dept:” On October 19, the Black Suit ransomware group announced that they had attacked Rutherford County Schools in Tennessee. Their listing, posted on their dark web site, included what appears to be an indication of what data and how much data they were able to exfiltrate. It did not indicate whether they…
Category: Malware
Westend Dental agrees to pay Indiana $350K and to implement corrective action plan to settle charges of multiple HIPAA violations
TechCrunch recently did its annual write-up of badly handled data security incidents. The following wasn’t in it but is one of the worst security and privacy failures that I’ve ever read, and that’s saying a lot. This case stems from a ransomware attack by Medusa Locker in October 2020 that is first being seriously addressed…
Pittsburgh Regional Transit dealing with ransomware attack that slowed light rail system last week
One unfortunate holiday tradition seems to be that ransomware groups will attack at holiday times when entities are less likely to have full IT support from staff. One attack, however, reportedly started last week. Ed Blazina reports: What Pittsburgh Regional Transit last week thought was a computer glitch that affected rail service has turned out…
The Fine Line Between Ideology and Crime: Understanding the True Purpose of Dragon Ransomware – The Interview
Over on SuspectFile, Marco A. De Felice writes: This interview provides a detailed look at Dragon Ransomware, a group active in the cybercrime landscape that combines a defined organizational structure with advanced technological expertise. Their statements shed light on operational elements and motivations that help to better understand the internal dynamics of these illicit activities….
Ascension cyberattack exposed personal data of 5.6 million people
Sarah Volpenhein reports: Nearly 5.6 million people were affected in the ransomware attack that hit Ascension in May, the national health system now says. Until now, the health system had not publicly disclosed the total number of people affected by the May ransomware attack that compromised patient data and ultimately caused major disruptions to patient…
Romanian National Sentenced to 20 Years in Prison in Connection with NetWalker Ransomware Attacks
A press release from the U.S. Department of Justice: A Romanian man was sentenced today for his role in the NetWalker ransomware attacks to 20 years in prison and ordered to forfeit $21,500,000 and his interests in an Indonesian limited liability company and associated luxury resort property under construction in Bali, Indonesia — a business…