Marco A. De Felice reports: 27,367 people, including patients and healthcare / administrative staff, were affected by the theft of sensitive data after the ransomware-type cyber attack last May 5 at the San Diego American Indian Health Center (“SDAIHC”) in the state of California. Recall that, among the people involved in the theft of their sensitive data, there…
Category: U.S.
HC3: Analyst Note: Karakurt Threat Profile
HC3: Analyst Note TLP: White Report: 202208241200 Executive Summary Karakurt ransomware group, also known as the Karakurt Team and Karakurt Lair, is a relatively new cybercrime group, with researchers reporting its first emergence in late 2021. Karakurt actors claim to steal data and then threaten to auction it off or release it to the public…
Et tu, Last Pass?
Received today: Dear valued customer, We are writing to inform you that we recently detected some unusual activity within portions of the LastPass development environment. We have determined that an unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and some…
NH: Northeast Rehabilitation Hospital Network updates their 2021 breach notification
In November 2021, the Northeast Rehabilitation Hospital Network in New Hampshire notified HHS of a breach. At the time, they indicated 501 patients had been affected, which is usually just a marker for “we know it’s more than 500, but we don’t know how many just yet.” The incident was coded as a hacking/IT incident…
Hive starts dumping patient and employee data from Baton Rouge General Health System
On July 15, DataBreaches reported that Baton Rouge General Medical Center in Louisiana had been the victim of a significant ransomware attack. Our report attributed the attack to Hive although Hive was publicly denying responsibility at the time and claiming DataBreaches had “incorrect info.” Our information was correct. On Tuesday, Hive added the health center…
Block sued after ex-staffer siphons customer data
Thomas Claburn reports: Block – the digital payments giant formerly known as Square – faces allegations it failed to take adequate measures to protect customers’ personal information. A lawsuit [PDF], filed Tuesday in a federal district in Oakland, California, on behalf of two users of Cash App, operated by Block subsidiary Cash App Investing, claims the company…