DataBreaches.net has found two behavioral health entities that reportedly or allegedly experienced recent cyberattacks involving protected health information of patients. The first, Behavioral Health Partners of Metrowest (BHPMW), describes itself as a partnership that brings together leading social services and behavioral health agencies serving the Greater MetroWest region of Massachusetts. Together, they write, Family Continuity,…
Category: Of Note
Political Agreement Reached on New EU Horizontal Cybersecurity Directive
Mark Young and Tomos Griffiths of Covington and Burling write: In the early hours of Friday, 13 May, the European Parliament and the Council of the EU reached provisional political agreement on a new framework EU cybersecurity law, known as “NIS2”. This new law, which will replace the existing NIS Directive (which was agreed around the same…
Alert (AA22-137A): Weak Security Controls and Practices Routinely Exploited for Initial Access
Alert (AA22-137A) Weak Security Controls and Practices Routinely Exploited for Initial Access CISA Alert Published May 17, 2022: Summary Cyber actors routinely exploit poor security configurations (either misconfigured or left unsecured), weak controls, and other poor cyber hygiene practices to gain initial access or as part of other tactics to compromise a victim’s system. This…
Former top Republican lawmaker in Colorado received leak of voting data
Alexandra Ulmer reports: A former Republican minority leader of the Colorado legislature is among the recipients of a trove of sensitive voting data leaked by a county official working with activists seeking to prove President Donald Trump’s false stolen-election claims, according to court records reviewed by Reuters. The revelation indicates the breach of ballot data…
Hacker and Ransomware Designer “Nosophoros” Charged for Use and Sale of Ransomware, and Profit Sharing Arrangements with Cybercriminals
A criminal complaint was unsealed today in federal court in Brooklyn, New York, charging Moises Luis Zagala Gonzalez (Zagala), also known as “Nosophoros,” “Aesculapius” and “Nebuchadnezzar,” a citizen of France and Venezuela who resides in Venezuela, with attempted computer intrusions and conspiracy to commit computer intrusions. The charges stem from Zagala’s use and sale of…
How to Fight Foreign Hackers With Civil Litigation
Kellen Dwyer, Kim Peretti, and Emily Skahill of Alston & Bird write: The Department of Justice dealt a blow to global cybercrime on April 6 with the takedown of a massive botnet controlled by “Sandworm”—the Russian General Staff Main Intelligence Directorate (GRU) unit responsible for the 2017 NotPetya attack, among others. This operation reflects the…