Catalin Cimpanu reports: Crooks are targeting government and educational institutions with a new ransomware family named MarsJoke (or JokeFromMars), discovered in late August, but which came to life this week through a massive email spam wave. The group behind this ransomware is using emails disguised as air travel confirmation notifications, which also contain a link…
Category: Malware
Notice of Data Incident at Stallcup & Associates, CPAs
On July 11, 2016, Stallcup & Associates, CPAs was subject to a ransomware virus and some of our network files were encrypted without our permission. Fortunately, the virus was detected within an hour and immediately stopped. Although there is no evidence that any files were viewed or exfiltrated, nor that such activities were intended, we are notifying…
Keck Medical Center of USC discloses ransomware attack
Keck Medical Center of USC is notifying patients of a ransomware attack that they discovered on August 1. The ransomware affected two servers that did not contain EMR but that did contain internal documents that included demographic information, date of birth, health information including treatment and diagnosis, and in some cases, Social Security numbers. Other files…
A single ransomware network has pulled in $121 million
Maria Korolov reports: A single ransomware author and distributor was able to collect $121 million in ransomware payments during the first half of this year, netting $94 million after expenses, according to a report released today. […] Total ransomware increased by 128 percent during the first half of 2016 compared to the same period last year. There…
RI: University Gastroenterology notifies patients of ransomware attack
University Gastroenterology is notifying patients after what sounds like a ransomware attack. In a notice on their web site, they write that on July 11, 2016, they discovered that an unauthorized individual had gained access to an electronic file storage system from a practice they had acquired in 2014, Consultants in Gastroenterology, and encrypted several files….
CA: Yuba-Sutter Medical Clinic discloses August ransomware attack
Yuba-Sutter Medical Clinic is notifying patients after a ransomware attack on August 3. Fortunately, the center was able to regain access relatively quickly and no data were lost, although they acknowledge that they did experience some delays in accessing internal information and patient information while they worked to regain access. As far as they can…