On Thursday morning, ThreeAM added Carolina Arthritis to its leak site. Some ransomware groups add a listing, post some claims and a few screencaps, and then give the entity a deadline to pay up, or they leak a bit of data and then give the entity a final deadline. ThreeAM doesn’t seem to work that…
Category: Malware
OnePoint Patient Care notifies almost 800,000 patients of August ransomware attack
On September 15, INC Ransom added OnePoint Patient Care to its leak site. The threat actors claimed to have encrypted the hospice dispensing pharmacy and pharmacy benefits management service’s files. It wasn’t long after that INC leaked all of the data. The Arizona-based provider notified HHS of the incident on October 14, reporting that 795,916…
Cardiology of Virginia patient data appears to be up for sale. Has the entity issued any statement at all?
On September 7, RansomHub added Cardiology of Virginia to its dark web leak site, claiming that about 1 TB of files had been acquired. DataBreaches assumes no payment agreement was struck as RansomHub subsequently leaked data, complete with a filelisting, youtube video, and other files. “For bulk archive and confidential data analyzes trough our own…
Russia recommends prison sentence for REvil hackers
SC Media reports: Russia was reported by local media outlet Kommersant to have resumed legal proceedings and recommended prison sentences against four alleged members of Russian hacking group REvil, including suspected leader Daniil Puzyrevsky, after several delays over the past two years, according to The Record, a news site by cybersecurity firm Recorded Future. While…
Personal Data Protection Commission of Singapore issues three undertakings stemming from ransomware attacks
On October 23, the Personal Data Protection Commission of Singapore issued three undertakings with the follow statement: The new Undertakings reveals breaches stemming from various ransomware attacks due to the insufficient security IT measures implemented, affecting the personal data of over 690,000 individuals. In response, the affected organisations are to implement remediation plans to rectify the…
Hong Kong watchdog slams sports club for sloppy cybersecurity ahead of ransomware attack
Sammy Heung reports: Hong Kong’s privacy watchdog has found a prominent sports club had been in breach of privacy regulations in the run-up to a large-scale leak involving about 72,000 members’ personal information. The Office of the Privacy Commissioner for Personal Data said on Tuesday that the South China Athletic Association (SCAA) had failed to…