On Thursday morning, ThreeAM added Carolina Arthritis to its leak site. Some ransomware groups add a listing, post some claims and a few screencaps, and then give the entity a deadline to pay up, or they leak a bit of data and then give the entity a final deadline. ThreeAM doesn’t seem to work that…
Category: U.S.
OnePoint Patient Care notifies almost 800,000 patients of August ransomware attack
On September 15, INC Ransom added OnePoint Patient Care to its leak site. The threat actors claimed to have encrypted the hospice dispensing pharmacy and pharmacy benefits management service’s files. It wasn’t long after that INC leaked all of the data. The Arizona-based provider notified HHS of the incident on October 14, reporting that 795,916…
Cardiology of Virginia patient data appears to be up for sale. Has the entity issued any statement at all?
On September 7, RansomHub added Cardiology of Virginia to its dark web leak site, claiming that about 1 TB of files had been acquired. DataBreaches assumes no payment agreement was struck as RansomHub subsequently leaked data, complete with a filelisting, youtube video, and other files. “For bulk archive and confidential data analyzes trough our own…
CISA: Proposed Security Requirements for Restricted Transactions Pursuant to Exec. Order 14117
Following up on President Biden’s recent executive order and the Justice Department’s notice of proposed rulemaking, CISA has issued the following: PROPOSED SECURITY REQUIREMENTS FOR RESTRICTED TRANSACTIONS Pursuant to Exec. Order 14117, Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern On February 28, 2024, President Biden signed…
Rocky Mountain Gastroenterology appears to have been attacked by three different groups; more than 169,000 patients affected (1)
Update: On November 13, Rocky Mountain Gastroenterology (RMG) reported the incident to HHS OCR as affecting 366,491 patients. RMG never responded to the inquiries this site submitted to it on October 19 and October 27. SuspectFile reports: This article will cover what appears to be a triple cyberattack on the IT systems of Rocky Mountain Gastroenterology (RMG), a…
Birth Choice of San Marcos to notify patients of breach at National Diagnostic Imaging
On March 16, 2024, National Diagnostic Imaging (NDI) experienced a network disruption. Their investigation subsequently revealed that they had been the victim of unauthorized access between February 19, 2024, and March 27, 2024. According to a letter from one of their clients, they notified Birth Choice of San Marcos on August 19 of the scope…