In September, Britton White and PogoWasRight.org teamed up to produce an explainer and caution about infostealers that was oriented to the public. Our article, Redline: Storing Passwords in your Browser Can Ruin Your Life (But Will Make Criminals VERY Happy!) included cautions about employees who work from home and who might have their login credentials…
Category: Malware
Two ransomware groups claimed to have attacked Albany ENT & Allergy Services and leaked data, but AENT doesn’t mention that at all in their notification?
On April 28, DataBreaches reported that two different ransomware groups claimed to have attacked Albany ENT & Allergy Services, P.C. in Albany, New York. This week, Albany ENT & Allergy Services notified regulators and 224,486 affected employees and patients about a breach. Their notification is stunning, however, for its lack of certain details. In their…
Morris Hospital investigating attack by Royal ransomware group
On May 22, the Royal ransomware group added Morris Hospital to their leak site with a small sample of files as proof of claims. On May 23, the hospital posted a statement on its site, prominently linked from its homepage: Morris Hospital & Healthcare Centers is actively investigating a cybersecurity incident with the assistance of…
Microsoft: Notorious FIN7 hackers return in Clop ransomware attacks
Sergiu Gatlan reports: A financially motivated cybercriminal group known as FIN7 resurfaced last month, with Microsoft threat analysts linking it to attacks where the end goal was the deployment of Clop ransomware payloads on victims’ networks. “Financially motivated cybercriminal group Sangria Tempest (ELBRUS, FIN7) has come out of a long period of inactivity,” the company said in…
NYS settles charges against PracticeFirst stemming from 2020 ransomware incident
In July 2021, Professional Business Systems, Inc. d/b/a Practicefirst Medical Management Solutions and PBS Medcode Corp., a medical management company that processes data for health care providers, issued a press release about a hacking incident that occurred in December 2020. As DataBreaches noted at the time, it appeared that they likely paid ransom because one line in their statement…
Cuba ransomware claims cyberattack on Philadelphia Inquirer
Bill Toulas reports: The Cuba ransomware gang has claimed responsibility for this month’s cyberattack on The Philadelphia Inquirer, which temporarily disrupted the newspaper’s distribution and disrupted some business operations. The Philadelphia Inquirer is Philadelphia’s largest (by circulation) newspaper. It is the third-longest continuously operating daily newspaper in the U.S., founded in 1829, and it has…