Jurgita Lapienytė reports: Unlike most ransom campaigns, CheckMate, discovered in 2022, has been quiet throughout its operations. To the best of our knowledge, it doesn’t operate a data leak site. That’s quite unusual for a ransomware campaign since many prominent gangs brag about big targets and post them as victims on their data leak sites….
Category: Malware
Bluefield University cyberattack affects employees, students, and some students’ parents (2)
Updated May 13: It appears that Bluefield U. has not warned students that the university’s system is still compromised and that the threat actor can see and acquire files. Yesterday, a student that DataBreaches will not name submitted a Virginia Tuition Assistance Grant application with his full Social Security number, date of birth, and other…
NY: Richmond University Medical Center suffers ransomware attack; unclear if patient info compromised
Joseph Ostapiuk reports: Richmond University Medical Center (RUMC) in West Brighton experienced a recent ransomware attack that has triggered an ongoing network outage at the hospital, an official said. The extent of the breach, which has crippled online services at the over-470 bed facility, is not currently clear. The hospital is now working to both…
A harbinger of bad things to come?
Seen on the AlphV/BlackCat leak site today: ResultsCX | The result of many unknown breaches? 5/11/2023, 9:03:10 PM We have numerous accounts to share about how our organization was able to gain initial access to various fortune 100 companies using the ResultsCX network and credentials. Interestingly, these companies are completely unaware that we have accessed…
#StopRansomware: Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG
Jen Easterly, Director of CISA, tweeted: In early May 2023, a group self-identifying as the Bl00dy Ransomware Gang was observed attempting to exploit vulnerable PaperCut servers at educational institutions. Read our joint advisory with @FBI and apply patches or workarounds today: http://go.dhs.gov/4sz The advisory is embedded below:
Methodist Family Health discloses breach potentially involving sensitive info on children
On May 3, Methodist Family Health (MFH) in Arkansas notified HHS that 5,259 patients were affected by a breach. On their website, MFH posted a notice on the same day. It begins: Methodist Family Health (“MFH”) experienced a data breach on March 4, 2023, that was first detected on March 6, 2023. After a thorough…