Zeba Siddiqui and Christopher Bing report: A state-sponsored Chinese hacking group has been spying on a wide range of U.S. critical infrastructure organizations, from telecommunications to transportation hubs, Western intelligence agencies and Microsoft (MSFT.O) said on Wednesday. The espionage has also targeted the U.S. island territory of Guam, home to strategically important American military bases, Microsoft…
Category: Of Note
NYS settles charges against PracticeFirst stemming from 2020 ransomware incident
In July 2021, Professional Business Systems, Inc. d/b/a Practicefirst Medical Management Solutions and PBS Medcode Corp., a medical management company that processes data for health care providers, issued a press release about a hacking incident that occurred in December 2020. As DataBreaches noted at the time, it appeared that they likely paid ransom because one line in their statement…
The Underground History of Russia’s Most Ingenious Hacker Group
Andy Greenberg writes: Ask western cybersecurity intelligence analysts who their “favorite” group of foreign state-sponsored hackers is—the adversary they can’t help but grudgingly admire and obsessively study—and most won’t name any of the multitudes of hacking groups working on behalf of China or North Korea. Not China’s APT41, with its brazen sprees of supply chain attacks, nor…
Health Breach Notification Rule: FTC wants your insights into proposed changes
From the FTC: The Health Breach Notification Rule has been in place since 2009. Given the pace of innovation, that seems like a century in tech years. Since then, we’ve seen an explosion in the popularity of health apps, fitness trackers, and other health-related monitors. To keep up with technological developments and evolving business practices, the…
A different kind of ransomware demand: Donate to charity to get your data back
A.J. Vicens reports: A new and increasingly active ransomware group that’s attacked nearly 200 organizations in less than two months has a different spin on its extortion efforts: Don’t pay us, pay a charity. So far, this unnamed group that is at least publicly claiming to be driven by anti-capitalist sentiment and its own brand…
Hacker attack Asl Abruzzo, Guarantor: downloading data is a crime
A press release (machine translated) from the Italian data protection regulator, Garante per la Protezione dei Dati Personali: With reference to the recent hacker attack suffered by Asl 1 Abruzzo, the Guarantor for the protection of personal data reminds that anyone who comes into possession or downloads data published on the dark web by criminal…