PRODAFT Threat Intelligence (PTI) Team has obtained valuable insights on the inner workings of the Conti ransomware group. The PTI team accessed Conti’s infrastructure and identified the real IP addresses of the servers in question. This report provides unprecedented detail into the way the Conti ransomware gang works, how they select their targets, how many…
Category: Malware
Update: Eskenazi patients receive letter in the mail alerting them of cyber security breach 6 months ago
Bianca Reyes has an update on the Eskenazi ransomware incident that this site has been reporting on since August: Roughly three months after Eskenazi Health released a statement announcing a cyber security breach that compromised personal data, some patients are just now receiving that news in the mail. According to this release posted last month, Eskenazi…
Officials confirm patient data stolen in N.L. cyberattack
CBC News reports: Officials have confirmed that personal information of medical patients in Newfoundland and Labrador has been stolen in the cyberattack that has wreaked havoc on the provincial health-care system for over two weeks. While speaking with reporters on Monday, Justice Minister John Hogan said it was his understanding that both patient and employee…
Critical Infrastructure Protection: Education Should Take Additional Steps to Help Protect K-12 Schools from Cyber Threats
GAO-22-105024. Published: Oct 13, 2021. Publicly Released: Nov 12, 2021. Highlights from the government report: What GAO Found: Federal guidance, such as the National Infrastructure Protection Plan (National Plan), specifies the roles and responsibilities of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the Department of Education’s Office of Safe and Secure…
When I emailed Overlake OB/GYN in July about a ransomware attack in 2020, I didn’t anticipate what would happen next.
In December, 2019, Overlake Medical Center & Clinics discovered that some employees had fallen for a phishing scheme. On February 7, 2020, they reported the incident to HHS as impacting 109,234 patients. As HHS subsequently summarized things: After the breach, the [Covered Entity] implemented additional administrative and technical safeguards and retrained its staff on the…
Rideau Valley Health Centre service disrupted due to ‘cyber security incident’
Matthew Lapierre reports that the Rideau Valley Health Centre’s IT systems have been impacted by what sounds like a ransomware incident that knocked out use of their phone system and otherwise impaired their ability to function. In the meantime, the clinic said the majority of physicians would be able to attend previously scheduled appointments, but…