On September 15, INC Ransom added OnePoint Patient Care to its leak site. The threat actors claimed to have encrypted the hospice dispensing pharmacy and pharmacy benefits management service’s files. It wasn’t long after that INC leaked all of the data. The Arizona-based provider notified HHS of the incident on October 14, reporting that 795,916…
Category: Malware
Cardiology of Virginia patient data appears to be up for sale. Has the entity issued any statement at all?
On September 7, RansomHub added Cardiology of Virginia to its dark web leak site, claiming that about 1 TB of files had been acquired. DataBreaches assumes no payment agreement was struck as RansomHub subsequently leaked data, complete with a filelisting, youtube video, and other files. “For bulk archive and confidential data analyzes trough our own…
Russia recommends prison sentence for REvil hackers
SC Media reports: Russia was reported by local media outlet Kommersant to have resumed legal proceedings and recommended prison sentences against four alleged members of Russian hacking group REvil, including suspected leader Daniil Puzyrevsky, after several delays over the past two years, according to The Record, a news site by cybersecurity firm Recorded Future. While…
Personal Data Protection Commission of Singapore issues three undertakings stemming from ransomware attacks
On October 23, the Personal Data Protection Commission of Singapore issued three undertakings with the follow statement: The new Undertakings reveals breaches stemming from various ransomware attacks due to the insufficient security IT measures implemented, affecting the personal data of over 690,000 individuals. In response, the affected organisations are to implement remediation plans to rectify the…
Hong Kong watchdog slams sports club for sloppy cybersecurity ahead of ransomware attack
Sammy Heung reports: Hong Kong’s privacy watchdog has found a prominent sports club had been in breach of privacy regulations in the run-up to a large-scale leak involving about 72,000 members’ personal information. The Office of the Privacy Commissioner for Personal Data said on Tuesday that the South China Athletic Association (SCAA) had failed to…
Rocky Mountain Gastroenterology appears to have been attacked by three different groups; more than 169,000 patients affected
SuspectFile reports: This article will cover what appears to be a triple cyberattack on the IT systems of Rocky Mountain Gastroenterology (RMG), a medical clinic specializing in gastroenterology with its main office in Lakewood, Colorado, and 26 operational locations. According to information gathered in recent weeks, the attack was carried out by three different cybercriminal groups. Initial findings suggested that RMG had been…