Reuters reports: WASHINGTON: The U.S. Department of Energy got ransom requests from the Russia-linked extortion group Cl0p at both its nuclear waste facility and scientific education facility that were recently hit in a global hacking campaign, a spokesperson said on Friday. The DOE contractor Oak Ridge Associated Universities and the Waste Isolation Pilot Plant, the…
Category: Subcontractor
State governments among victims of MoveIT Transfer breach
Alexander Culafi reports: Illinois, Minnesota and Missouri state governments are among a growing list of organizations attacked via a critical flaw in Progress Software’s MoveIT Transfer product. Progress Software on May 31 detailed an SQL injection bug in its managed file transfer (MFT) software MoveIt Transfer. Progress urged customers to immediately apply mitigations for the…
Data breach prompts University of Pittsburgh Medical Center billing contractor to contact 25,000 patients
Kris B. Mamula reports: Some 25,000 University of Pittsburgh Medical Center (UPMC) patients are being contacted by a Tennessee billing contractor following a data breach caused by a software bug that may have exposed names, addresses, social security numbers and other personal information. Kingsport-based Intellihartx LLC, which provides UPMC with billing and collection services, is…
Intellihartx notifies 490,000 patients of Fortra/GoAnywhere breach (with updates)
Quick update: Intellihartx LLC in Tennessee is notifying 489,830 of its clients’ patients about the Fortra/GoAnywhere breach by Clop. The types of information that may have been compromised include name, address, medical billing and insurance information, certain medical information such as diagnoses and medication, and demographic information such as date of birth and Social Security…
Au: Hackers Follow Through with Dark Web Threat After Law Firm Rejects Ransom
GVS reports: A hacking group claiming to be Russian-linked cybercriminals has published sensitive data from one of Australia’s largest law firms, HWL Ebsworth, after the firm refused to pay their ransom demands. The AlphV ransomware gang, also known as BlackCat, announced on the dark web that it had released 1.45 terabytes of data allegedly stolen…
Data on as many as 100,000 Nova Scotia healthcare staff stolen in MOVEit breach
As most people know by now, there are a LOT of victims from Clop’s attack on Progress MoveIT. So many, in fact, that they posted an announcement to all victims, giving the victims until June 14 to contact Clop to negotiate payment to delete data. The Boots pharmacy chain in the U.K. was affected, but…