Stacy L. Cook and Iqra Mushtaq of Barnes & Thornburg LLP write: On March 14, 2023, the U.S. Department of Justice (DOJ) announced the settlement of a case involving alleged violations of the False Claims Act (FCA) as a result of cybersecurity failures and breach of HIPAA-protected health information. Obtained under the Civil Cyber-Fraud Initiative, this settlement emphasizes…
Category: U.S.
Are you a “Lucky Winner” from Equifax?
Earlier today, vx-underground reported that a hoax email was being sent from Equifax with the subject line “Free Pompompurin.” An unknown individual has compromised the email system for Equifax. They have sent out an email with the subject matter as “Free Pompompurin”. Image 1. email extended header information Image 2. email itself pic.twitter.com/mlrO99uVdl — vx-underground…
Developing: Stormous claims to have attacked hospital; apologizes minutes later, pledges to undo damage, and seeks forgiveness (Update1: was this a scam?)
Stormous Ransomware added Cameron Memorial Community Hospital in Indiana to their leak site today and posted a pointer to it on their Telegram channel. Then they appeared to regret their actions, posting the following only minutes later: We are writing to express our sincerest apologies for the recent ransomware attack on hospital IT systems. We…
School principal resigns after writing $100,000 check to Elon Musk impersonator
Brandon Vigliarolo reports: The principal of a Florida science and technology charter school has resigned after allegedly writing a $100,000 check to an Elon Musk impersonator using school funds. Dr Jan McGee, who is listed as a founding board member of Burns Science and Technology Charter in Oak Hill, Florida, told the school’s board of directors that…
Alabama’s Jefferson County School System victim of ransomware attack during Spring Break
WBRC reports: A ransomware attack targeted the Jefferson County School System in Alabama over Spring Break. A news release states the district’s technology team took immediate steps to stop the attack and notified state and local authorities. Preliminary investigations have not revealed any evidence of a breach of sensitive personally identifiable information. However, the district…
Today’s “Don’t Say ‘Ransomware’ Award” goes to….
DataBreaches probably sounds like a broken record after six years of calls for more transparency in breach notifications. Sadly, the situation has gotten worse in the past year. Not only do entities fail to admit they suffered a ransomware attack, but they fail to inform patients if the patient’s protected health information was leaked or…