A notification letter template that showed up on the California Attorney General’s site this week is dated “February 19, 2021.” I assume the 2021 is a typo based on the rest of the letter. The letter from Orthopedic Associates of Hawaii (OAH) begins (emphasis added by this site): Orthopedic Associates of Hawaii, All Access Ortho…
Category: Malware
Conti ransomware gang takes over TrickBot malware operation
Ionut Ilascu reports: After four years of activity and numerous takedown attempts, the death knell of TrickBot has sounded as its top members move under new management, the Conti ransomware syndicate, who plan to replace it with the stealthier BazarBackdoor malware. TrickBot is a Windows malware platform that uses multiple modules for various malicious activities,…
Broward schools took extraordinary steps to hide key details of massive data breach
Scott Travis reports: When the Broward School District learned that hackers may have accessed the personal data of thousands of people from district servers, its response was to hide and delay. The district took extraordinary steps to keep the public, including 50,000 potential victims, from learning about ransomware attacks that took place from November 2020 to March…
Grand Junction man negotiates with ransomware ‘bad guys’
Tom Hesse reports: Eastern Europe can be perilous if you have the kind of job Kurtis Minder has. It’s a line of work featuring regular correspondence with the FBI and familiarity with the U.S. Treasury Department’s Office of Foreign Asset Control Sanctions list. Minder operates in the sprawling world of cybersecurity, drawing interest for his…
Allen ISD cybersecurity update: personal information of more than 500 employees hacked in September 2021
Jay Wallis provides an update on the Allen ISD ransomware incident first reported by the district in September. Part of the district’s newly revealed findings: According to the investigation, there is no evidence that any unauthorized user got into Allen ISD’s databases, including the Student Information and Financial databases. District officials said they determined that…
QRS Data Breach Exposed Psych Care Consultants Patient Information – Class Action Allegations
DataBreaches.net does not report on most potential class action lawsuits because many of them will not survive motions to dismiss. This case, however, is a bit more interesting to me because it involves sensitive mental health data, ransomware, leaked data, and claims about inadequate monitoring of a business associate. The case is K.L. v. Psych…