Vivienne Serret reports: Hackers broke into the computer network of the Florida Department of Juvenile Justice in Tallahassee, which runs the state’s juvenile detention centers and programs to steer troubled kids away from crime. It led to a continuing shutdown of the digital backbone the agency uses to manage cases statewide. The department took offline…
Category: Malware
Ca: Hacked hospitals sending 326K letters to patients in Windsor, elsewhere
Taylor Campbell reports: Hundreds of thousands of patients, including many in Windsor-Essex, whose personal information was posted to the dark web following a cyberattack last fall will soon receive letters from impacted hospitals. “One patient is clearly too many,” said Windsor Regional Hospital CEO David Musyj. He called criminal cyberattacks “disgusting acts, particularly when aimed…
CISA Alert: Reported Supply Chain Compromise Affecting XZ Utils Data Compression Library, CVE-2024-3094
CISA Alert of March 29, 2024: CISA and the open source community are responding to reports of malicious code being embedded in XZ Utils versions 5.6.0 and 5.6.1. This activity was assigned CVE-2024-3094. XZ Utils is data compression software and may be present in Linux distributions. The malicious code may allow unauthorized access to affected systems….
American Renal Associates patients affected by ransomware attack
Marco A. De Felice reports: The American Renal Associates (now known as Innovative Renal Care), with over 230 locations across the United States, has become the latest victim in the clinical-hospital sector of a ransomware attack. Recently, the Medusa group has made thousands of PHI and PII data stolen from the company’s servers on March 2nd publicly available on…
Nissan Oceania Data Breach Impacts 100,000 Individuals in Australia and New Zealand
Alicia Hope reports: Nissan Oceania is notifying 100,000 individuals that the December 2023 data breach exposed their personal information. The New Zealand and Australia-based subsidiary of the Japanese automaker Nissan said it detected “unauthorized access” to its local IT servers on December 5, 2023. It responded by notifying law enforcement authorities, privacy regulators, and national…
AHA seeks guidance on reporting breaches linked to Change cyberattack
Naomi Diaz reports: The American Hospital Association sent a letter to the HHS urging them to clarify whether hospitals and health systems should be providing breach notification to patients if protected health information is compromised due to the Feb. 21 cyberattack on Change Healthcare. The March 21 letter, penned to Melanie Fontes Rainer, acting director of the…