Connor Jones reports: A total ban on ransomware payments across the public sector might actually happen after the UK government opened a consultation on how to combat the trend of criminals locking up whole systems and taxpayers footing the bill. The consultation will consider views on extending the ransom payment ban from central government departments…
Category: Malware
Two ransomware groups claimed they attacked Rutherford County Schools. One leaked sensitive records. (UPDATED)
From the “Wait-What-Happened-Here Dept:” On October 19, the Black Suit ransomware group announced that they had attacked Rutherford County Schools in Tennessee. Their listing, posted on their dark web site, included what appears to be an indication of what data and how much data they were able to exfiltrate. It did not indicate whether they…
Westend Dental agrees to pay Indiana $350K and to implement corrective action plan to settle charges of multiple HIPAA violations
TechCrunch recently did its annual write-up of badly handled data security incidents. The following wasn’t in it but is one of the worst security and privacy failures that I’ve ever read, and that’s saying a lot. This case stems from a ransomware attack by Medusa Locker in October 2020 that is first being seriously addressed…
Pittsburgh Regional Transit dealing with ransomware attack that slowed light rail system last week
One unfortunate holiday tradition seems to be that ransomware groups will attack at holiday times when entities are less likely to have full IT support from staff. One attack, however, reportedly started last week. Ed Blazina reports: What Pittsburgh Regional Transit last week thought was a computer glitch that affected rail service has turned out…
The Fine Line Between Ideology and Crime: Understanding the True Purpose of Dragon Ransomware – The Interview
Over on SuspectFile, Marco A. De Felice writes: This interview provides a detailed look at Dragon Ransomware, a group active in the cybercrime landscape that combines a defined organizational structure with advanced technological expertise. Their statements shed light on operational elements and motivations that help to better understand the internal dynamics of these illicit activities….
Ascension cyberattack exposed personal data of 5.6 million people
Sarah Volpenhein reports: Nearly 5.6 million people were affected in the ransomware attack that hit Ascension in May, the national health system now says. Until now, the health system had not publicly disclosed the total number of people affected by the May ransomware attack that compromised patient data and ultimately caused major disruptions to patient…