Christopher Brown reports: More than 100 lawsuits arising from a cyberattack on Progress Software Corp.‘s MOVEit file transfer application will be consolidated in federal court in Massachusetts, the Judicial Panel on Multidistrict Litigation said. Centralization of the lawsuits in the US District Court for the District of Massachusetts will serve the convenience of the parties and…
Category: Subcontractor
Aretis Health LLC notifies patients of 50 entities about MOVEit breach
Add Aretis Health LLC to the list of entities affected by the MOVEit breach. Aretis performs billing functions for NorthStar Anesthesia, and made notification to patients and HHS on behalf of the following entities: AmSol Physicians of Elkin, NC, PLLC Anesthesia Company of Houston, PLLC Anesthesia Resources Management Solutions, Inc Coronado Anesthesia, PLLC Digestive Health…
HC3: Sector Alert Progress Software WS_FTP Critical Vulnerabilities
Progress Software WS_FTP Critical Vulnerabilities Executive Summary Progress Software, the maker of the MOVEit file transfer software which was widely exploited by the CL0P ransomware-as-a-service (Raas) group, has released a new advisory regarding multiple vulnerabilities in the WS_FTP Server, a file transfer product. Two of the vulnerabilities were rated as critical and are being tracked…
IRS consultant charged in leak of tax returns for Trump, wealthy Americans
Devlin Barrett and Spencer S. Hsu report: A Washington-based consultant for the Internal Revenue Service was charged Friday with stealing the tax returns of former president Donald Trump and thousands of wealthy Americans in 2019 and 2020 and providing them to two news organizations that reported how little the super-rich pay in federal income taxes,…
Building automation giant Johnson Controls hit by ransomware attack
Lawrence Abrams reports: Johnson Controls International has suffered what is described as a massive ransomware attack that encrypted many of the company devices, including VMware ESXi s […] Yesterday, a source told BleepingComputer that Johnson Controls suffered a ransomware attack after initially being breached at its Asia offices. BleepingComputer has since learned that the company…
ChildFund NZ discloses third-party breach
ChildFund in New Zealand has issued a public notice about a data breach involving a telemarketing company, Pareto Phone Limited. ChildFund had contracted with Pareto in 2014 to conduct fundraising activity on its behalf. ChildFund does not say when it may have stopped working Pareto, but Pareto suffered a cyberattack in April of this year…