Exploiting vulnerabilities in file transfer software for businesses and medical practices can result in a treasure trove of valuable data and the opportunity to try to extort oh, so many victims. First it was an Accellion vulnerability, exploited by Cl0p (past coverage). Then it was a Fortra GoAnywhere vulnerability, exploited by Cl0p (past coverage). Now…
Category: U.S.
Update on GLBA Safeguards Rule in Higher Education
Benjamin Wanger and Pierce T. Cox of BakerHostetler write: On February 9, 2023, the Department of Education Office of Federal Student Aid (“FSA”) issued an electronic notice regarding the Federal Trade Commission’s Final Rule amending the Standards for Safeguarding Customer Information (“Safeguards Rule”) under the Gramm-Leach-Bliley Act (“GLBA”). The amendments to the Safeguards Rule, which go into…
Middlesex Co. Public Schools confirms ransomware attack
Jimmy LaRoue reports: The superintendent for Middlesex County Public Schools confirmed Thursday that the school division was the subject of a recent ransomware attack. “We can confirm that Middlesex County Public Schools recently suffered a ransomware attack,” said Superintendent Dr. Tracy Seitz in a statement to 10 On Your Side. “We took immediate action to…
BlackByte attacks City of Augusta, GA and demands a ransom of $2 million
Marco A. De Felice aka @amvinfe writes: In this article we will not only address the part relating to the attack carried out by BlackByte on the IT systems of the City of Augusta, the theft of tens of GB of data or the real amount of the ransom requested by the ransomware group. Above…
Radiology practice suffers ‘significant’ cyberattack
Radiology Business reports: An Oregon radiology practice suffered a “significant” cyberattack over the Memorial Day weekend, according to published reports. Medford Radiology Group has retained a team of computer forensics experts to help aid in its response. The 75-year-old practice also has alerted partner organizations such as the Asante and Providence hospital systems after learning of the incident on…
Clinical test data of 2.5 million people stolen from biotech company Enzo Biochem
Jonathan Greig reports: An April ransomware attack on a biotech company resulted in the compromise of test information and personal data of nearly 2.5 million people, according to regulatory filings. Enzo Biochem, a New York-based biosciences and diagnostics company, said that on April 6 it experienced a ransomware attack that involved the “unauthorized access to…