The following lawsuit and press release were predictable. Could LVHN have protected sensitive patient information better? If so, is less than perfect security somehow “negligent?” And if they are found to be negligent, how will LVHN be held accountable, and how on earth will patients ever come close to being made whole from a breach…
Category: Malware
Ransomware Vulnerability Warning Pilot (RVWP)
The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), which President Biden signed into law in March 2022, required CISA to establish the RVWP (see Section 105 [6 U.S.C. 652]). ALERT CISA Announces Ransomware Vulnerability Warning Pilot Release Date March 13, 2023 Today, CISA is announcing the creation of the Ransomware Vulnerability Warning…
What’s new in ransomware gang pressure tactics? Not as much as you might think.
It’s hard to believe, but it has really been 17 years since PogoWasRight.org began blogging about breaches, and it’s been 14 years since this spinoff site, DataBreaches.net, opened. Since then, DataBreaches has often reported on criminals’ tactics to secure payment from victims, especially those in the healthcare sector. Thousands of archived posts on DataBreaches.net provide…
Housing Authority of the City of Los Angeles discloses a “complex cyber-attack.” We call it a ransomware attack.
As many of us were waking up to a brand new year, DataBreaches reported that LockBit 3.0 had claimed an attack on the Housing Authority of the City of Los Angeles (HACLA). Screencaps of directories and some files were provided by LockBit as proof of claims. Numerous news outlets picked up the news of the attack,…
Wilkes-Barre Career and Technical Center averts catastrophe from cyberattack
They could have headlined this story as “Good security practices pay off.” Michael P. Buffer reports: A cyber attack on a server at the Wilkes-Barre Career and Technical Center was discovered Wednesday, and antivirus and backup procedures “prevented a catastrophe” and “a lot of problems,” Administrative Director Anthony C. Guariglia said Thursday. The regional vo-tech…
Weekend update: Non-US hospitals hit by cyberattacks
Belgium: CHU St. Pierre Cyberattack DHnet in Belgium reports that Saint-Pierre hospital in central Brussels temporarily closed its emergency room and diverted line 112 to other institutions due to a cyberattack early Saturday morning. The attack reportedly disrupted the functioning of many applications, including patient records and telephone lines. By 5:00 pm Brussels time, most…