Marco De Felice reports: The Guarantor for privacy has sanctioned two hospitals and an AUSL, they had communicated medical information to the wrong people. The three structures fined are the Sienese University Hospital , the University Hospital of Parma and the Romagna Local Health Authority . The two hospitals received a fine of €10,000, while for the Romagna AUsl the fine was €50,000. ……
Category: Of Note
Alleged Hydra Market Operators Identified
GeminiAdvisory analysts write: Gemini analysts have found a post by an anonymous author on the hydra[.]expert domain claiming to have uncovered the true identities of the individuals running Hydra, one of the largest Russian-language dark web marketplaces for drugs. While formerly part of Hydra’s infrastructure, hydra[.]expert now appears to be solely dedicated to identifying Hydra’s…
CIS launches no-cost ransomware service for U.S. hospitals
Kat Jerich reports: The nonprofit Center for Internet Security announced this week that it had launched a no-cost ransomware protection service for private hospitals in the United States. The Malicious Domain Blocking and Reporting service, which is already available for public hospitals, health departments and healthcare organizations, uses Enterprise Threat Protector software from the cybersecurity…
Dutch Police post “say no to cybercrime” warnings on hacker forums
Lawrence Abrams reports: The Dutch Police have begun posting warnings on Russian and English-speaking hacker forums not to commit cybercrime as law enforcement is watching their activity. Since the conclusion of Operation LadyBird, law enforcement’s disruption of the Emotet botnet, the Dutch Police state that they are creating forum accounts on hacker forums to warn hackers…
Accellion’s data breach left clients in tough position: pay extortion to criminals, or have their data dumped (with updates)
A breach involving Accellion‘s older file transfer application has left a number of its customers in the unenviable position of not only having a data breach to deal with, but with the added threat that their data and their clients’ data will be dumped by threat actors if they do not pay extortion demands. At…
UPDATED: California DMV halts data transfers with third-party company after Automatic Funds Transfer Services security breach
Update: As BleepingComputer reports, the AFTS attack appears to be the work of the Cuba ransomware threat actor(s) who claim to have exfiltrated “Financial documents, correspondence with bank employees, account movements, balance sheets, tax documents.” They offer to sell the data on their dedicated leak site on the dark web, but do not list any…