How many times have the FBI and CISA urged entities NOT to pay ransom because it just encourages the attackers to attack more, while others suggest that a total ban would make things a lot worse? On January 14, the U.K. government opened a consultation, Ransomware legislative proposals: reducing payments to cyber criminals and increasing…
Settlement with Northeast Surgical Group marks OCR’s 10th ransomware enforcement action and 4th enforcement action in OCR’s Risk Analysis Initiative. Today the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement with Northeast Surgical Group, P.C. (NESG), a provider of surgical services in Michigan, for a potential violation…
Davey Winder reports: Ransomware is a cybersecurity threat that just won’t go away. Be it from groups such as those behind the ongoing Play attacks, or kingpins such as LockBit returning from the dead the consequences of falling victim to an attack are laid bare in reports exposing the reach of ransomware across 2024. A new ransomware threat, known as…
Connor Jones reports: A total ban on ransomware payments across the public sector might actually happen after the UK government opened a consultation on how to combat the trend of criminals locking up whole systems and taxpayers footing the bill. The consultation will consider views on extending the ransom payment ban from central government departments…
From the “Wait-What-Happened-Here Dept:” On October 19, the Black Suit ransomware group announced that they had attacked Rutherford County Schools in Tennessee. Their listing, posted on their dark web site, included what appears to be an indication of what data and how much data they were able to exfiltrate. It did not indicate whether they…
TechCrunch recently did its annual write-up of badly handled data security incidents. The following wasn’t in it but is one of the worst security and privacy failures that I’ve ever read, and that’s saying a lot. This case stems from a ransomware attack by Medusa Locker in October 2020 that is first being seriously addressed…