Some attackers are harder to kick out and keep out. From a notification letter to a state attorney general’s office by external counsel for Eurasia Group, a consulting firm in New York: In December 2020, Eurasia Group discovered suspicious activity within its email system. Eurasia Group immediately launched an investigation, with the assistance of third-party…
Category: U.S.
Brightline continues notifying clients of GoAnywhere incident; count continues to rise (more than 1 million)
Updated May 3: When DataBreaches checked Clop’s leak site today, the listing for Brightline was gone. Whether this means that they paid Clop to get it removed, or if its removal is just temporary remains to be seen. But out of all the health-related Fortra clients this site reported on in April, the Brightline listing…
TN: Murfreesboro Medical Clinic remains closed due to cyberattack
Update of May 6: Although neither the clinic nor the attackers have confirmed it yet, this attack appears to be the work of BianLian, whose obfuscated description on their leak site matches Murfreesboro’s description. BianLian claims to have over 250 GB of files. Carmyn Gutierrez and Caleb Wethington report: The Murfreesboro Medical Clinic & SurgiCenter was…
MA: Lawrence Family Development Charter School allegedly attacked by Snatch Team
Threat actors known as Snatch Team added the Lawrence Family Development Charter School in Massachusetts to their leak site yesterday. No proof has been provided by the attackers at this point. Two attempts to contact LFCDS administrators through their website contact forms for messages to faculty and staff both failed with messages “{“statusText”:”*** Forbidden. You…
Merck entitled to $1.4B in cyberattack case after appeals court rejects insurers’ ‘warlike action’ claim
Angus Liu reports: Merck may finally be entitled to a hefty insurance payout from the high-profile NotPetya cyberattack—if an appeals court ruling stands. A New Jersey appellate court on Monday ruled that a group of insurers can’t use war as an argument to deny Merck coverage from the notorious cyberattack that afflicted the company and others…
PENNCREST School District dealing with ransomware attack
A May 1 announcement by PENNCREST School District in Pennsylvania begins: Over the weekend, the PENNCREST School District became aware of a situation, believed to be a ransomware event, which has disrupted certain aspects of our operations. We quickly took steps to implement our Cybersecurity Incident Response Plan. Following our plan, we shut down and…