Rehoboth Mckinley Christian Health Care Services (“RMCHCS”) in New Mexico has reportedly settled litigation stemming from a ransomware attack that DataBreaches first reported in February 2021. Although Conti ransomware threat actors had added the health care service to their leak site and leaked some patients’ protected health information as proof of claims, there was nothing…
Category: Malware
Washington State city allegedly hit by ransomware
Jurgita Lapienytė reports: Lakewood is a city in Pierce County, Washington, with a population of over 63,000. BlackCat claimed it had breached Lakewood City Council and stolen over 250GB worth of data. “Because of their misunderstanding and inability to negotiate, we share information with you,” BlackCat said and shared a link to download 252GB of…
HardBit 2.0 Ransomware
Jason Hill reports: First observed in October 2022, HardBit is a ransomware threat that targets organizations to extort cryptocurrency payments for the decryption of their data. Seemingly improving upon their initial release, HardBit version 2.0 was introduced toward the end of November 2022, with samples seen throughout the end of 2022 and into 2023. Like…
MN: KFI Engineers pays $300k ransom, Black Basta ransomware group thanks…
Marco A. De Felice (@amvinfe) managed to shoulder-surf ransom negotiations between Black Basta and KFI Engineers (“KFI”) in Minnesota. He reports that the victims wound up paying $300,000.00, half of what the attackers initially demanded. KFI counts schools and hospitals among its clients, but as an engineering firm, one would not expect them to have…
Ca: Sobeys admits to data breach in fall 2022, alerts customers and employees
Hafsa Arif provides an update on the ransomware attack on Sobeys, a Canadian supermarket chain, by Black Basta last year: The Maritime-based Empire Co. – parent company of Sobeys – acknowledges customers and employees past and present are receiving letters saying their personal information may have been compromised. Read more at CTV.
Aviacode remains silent after 0mega dumps 200 GB of their files
On January 9, DataBreaches noticed that Aviacode had been added to the leak site for 0mega. Aviacode, which is part of GeBBS Healthcare Solutions, offers medical coding services, medical coding audits, coding denial management, clinical documentation improvement, and revenue cycle management for billings and claims. As such, it is often a business associate for HIPAA-covered…