Emma Woollacott reports: British businesses could face lower fines if they proactively report data breaches, thanks to an agreement between the UK’s data protection regulator and cybersecurity agency. The Information Commissioner’s Office (ICO) and National Cyber Security Centre (NCSC) say they plan to encourage engagement with the NCSC in the event of a breach, and allow meaningful…
Category: Of Note
Conti member indicted for role in 2021 Scripps Health ransomware attack
On September 7, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC), in coordination with the United Kingdom, sanctioned 11 individuals who are alleged to be part of the Russia-based Trickbot cybercrime group. At the same time, the U.S. Department of Justice (DOJ) unsealed indictments against nine individuals in connection with the…
Facebook Messenger phishing wave targets 100K business accounts per week
Bill Toulas reports: Hackers use a massive network of fake and compromised Facebook accounts to send out millions of Messenger phishing messages to target Facebook business accounts with password-stealing malware. The attackers trick the targets into downloading a RAR/ZIP archive containing a downloader for an evasive Python-based stealer that grabs cookies and passwords stored in…
Hospital Sisters Health System’s CFO exits as it continues to handle ‘cybersecurity incident’
On August 29, DataBreaches reported that Hospital Sisters Health System (HSHS) and Prevea Health appeared to have been the victims of a ransomware attack. As of today, the notice on Prevea Health states, “HSHS and Prevea are experiencing a systemwide outage of clinical and administrative applications.” Prevea continues to describe it as a temporary outage….
MGM Resorts hit in disruptive cyberattack
Long-time readers may recall a story in January 2017 about a luxury hotel that reportedly paid extortion to ransomware attackers because guests were locked in their rooms. Some of the story was ultimately considered to be fake news, although the whole scenario initially seemed possible at the time. Fast forward more than six years and …
HHS Office for Civil Rights Settles with L.A. Care Health Plan Over Potential HIPAA Security Rule Violations
LA Care, the largest publicly operated health plan in the country paid $1,300,000 to settle Today, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement of potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Rules with LA Care, the nation’s largest publicly operated health plan that…