Na Vijayshankar reports: Three major cyber attacks in the Indian pharma industry in the last few months have left people wondering whether there is a pattern indicating the reason for this spurt. First was the Breach Candy Hospital one in February 2020 where over 121 million medical records were compromised. Of these, 120 million were…
Category: Of Note
Federal agencies issue alert: credible information of increased and imminent threat of ransomware attacks on healthcare and public health sector
From a cybersecurity advisory that you need to drop everything and read and then react to proactively. Seriously. The summary alone should make you take note: This joint cybersecurity advisory was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS)….
Aetna Pays $1,000,000 to Settle Three HIPAA Breaches
A new press release from HHS today reveals that multiple breaches in 2017 contributed to HHS finding significant problems with Aetna: Aetna Life Insurance Company and the affiliated covered entity (Aetna) has agreed to pay $1,000,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) and to…
PH: NPC to allow data breach victims to apply for cease-and-desist orders
Jenina P. Ibañez reports: Victims of personal data breaches may request cease-and-desist orders from the National Privacy Commission (NPC) if the breach violates their privacy rights and causes “irreparable injury.” The NPC, in circular no. 20-02 signed on Oct. 6, said that it may issue such orders in the event of violations or threats to…
An Interview with “UNKN” Sheds Light on REvil’s Operations & Future Victims
Yelisey Boguslavskiy writes: On October 23, 2020, a Russian-speaking tech blog YouTube channel “Russian OSINT” published an interview with one of the representatives of the REvil ransomware syndicate – “UNKN”/”Unknown”. A twenty-minute interview covers important subjects such as victims, tactics, and strategies employed by REvil. While some of the information shared by UNKN has already…
Update: Has Guilford Technical Community College notified more than 43,000 students of data breach?
On September 19, DataBreaches.net reported that Guilford Technical Community College (GTCC) in North Carolina had apparently become a ransomware victim of DoppelPaymer on September 13. But on October 6, GTCC was no longer listed on the threat actors’ dedicated leak site. The removal of a victim’s name often indicates that the victim had a change…