Jessica Bartlett reports: A crippling cyber attack at the state’s second-largest insurer not only interrupted operations for months but also pummeled the insurer’s financials. For the six months ending in June, Point32Health reported a $102.7 million operating loss on $4.8 billion in revenue. Those results compare to a $25.8 million operating loss on $4.9 billion…
Category: U.S.
Bunker Hill Community College discloses May ransomware attack
From the college’s press release of August 18: Bunker Hill Community College (“BHCC”) confirmed today that the college experienced a data incident in May 2023 and will issue notices to affected individuals and relevant state and federal agencies about the incident. On May 23, 2023, BHCC detected irregular activity on certain BHCC systems that was consistent with a…
Real estate markets scramble following cyberattack on listings provider
Dan Goodin reports: Home buyers, sellers, real estate agents, and listing websites throughout the US have been stymied for five days by a cyberattack on a California company that provides a crucial online service used to track home listings. The attack, which commenced last Wednesday, hit Rapottoni, a software and services provider that supplies Multiple Listing…
Listing for sale of U.S. Education Department data may not be what you expect
Yesterday, a listing appeared on a popular hacking forum offering data for sale that were reported to be from the US Department of Education (Ed.gov). According to the listing, the leaked information includes: “ID, UserID, UserName, MobileNumber, LevelID, ConsumerID, Type, FeedBack, SubjectID, Subject, Replied, Token, Completed, Date, Updated, Deleted, and Origin” DataBreaches contacted the…
IL: Morris Hospital discloses breach that Royal claimed responsibility for in May; notifies 248,943
Morris Hospital & Healthcare Centers (Morris Hospital) has issued a notification concerning a cybersecurity incident they discovered on April 4. The incident affects current and former patients of Morris Hospital and current and former employees and their dependents or beneficiaries. According to their explanation, their forensic investigation determined that “just prior to the incident,” data…
Insider-Wrongdoing in the Healthcare Sector
Michelle Del Guercio writes: On June 8, the Health Sector Cybersecurity Coordination Center (“HC3”) published Types of Cyber Threat Actors That Threaten Healthcare. In that publication, they identify five basic types of insider threats: careless or negligent workers malicious insiders inside agents disgruntled employees third parties In 2016, when Protenus and DataBreaches first began collaborating on…