Marianne Kolbasuk McGee reports: A second federal judge has recommended the dismissal of a second proposed class action lawsuit against Catholic hospital chain CommonSpirit over a 2022 cyberattack and data breach that affected nearly 624,000 people. Both judges said the plaintiffs failed to show how they were harmed by the breach. U.S. Magistrate Judge Susan…
Category: Malware
UnitedHealth paid ransom to bad actors, says patient data was compromised in Change Healthcare cyberattack (1)
Ashley Capoot reports: UnitedHealth Group on Monday said it paid ransom to cyberthreat actors to try and protect patient data, following the February cyberattack on its subsidiary Change Healthcare. The company also confirmed that files containing personal information were compromised in the breach. “This attack was conducted by malicious threat actors, and we continue to…
Two ransomware attacks in 2023 first disclosed in April — Kisco Senior Living, Blackstone Valley Community Health Care (1)
Two more ransomware incidents that occurred in 2023 were disclosed this week. One was disclosed 10 months after the incident, and the other was disclosed 5 months after the incident. Kisco Senior Living On or about June 15, 2023, BlackByte claimed responsibility for a ransomware attack on Kisco. This week, Kisco filed a notification with…
Valley Mountain Regional Center discloses a breach, but are patients still in the dark? (1)
In November 2021, Valley Mountain Regional Center (VMRC) notified HHS that multiple employees were the victims of a phishing scheme that compromised the protected health information (PHI) of 17,197 individuals. They notified HHS, affected individuals, media, and provided substitute notice. HHS reports, “In its mitigation efforts, the Business Associate strengthened its technical safeguards to better…
Hong Kong private hospital given 4 weeks to submit report over US$10 million ransomware attack
Cannix Yau reports: Hong Kong health authorities have told a private hospital it has four weeks to submit a detailed report after it was hit by a malicious cyberattack and refused to pay a US$10 million ransom. The Department of Health said on Saturday that it was investigating the incident at Union Hospital in Tai…
Moldovan Botnet Operator Indicted for Role in Conspiracy to Unlawfully Access Thousands of Infected Computers Throughout the United States
From the U.S. Attorney’s Office, Western District of Pennsylvania on April 16, 2024: Note: Click here to view the wanted poster for Alexander Lefterov PITTSBURGH, Pa. – A Moldovan national has been indicted by a federal grand jury in Pittsburgh for computer fraud crimes, aggravated identity theft, and conspiracy to commit wire fraud, United States Attorney…