Shields Health Care Group, Inc. (“Shields”) provides management and imaging services for dozens of covered entities in New England. On March 28, 2022, Shields was alerted to suspicious activity that may have involved data compromise. Their investigation discovered that an unknown threat actor had access to certain systems between March 7 and March 21 and…
Category: U.S.
Novartis says no sensitive data was compromised in cyberattack
Lawrence Abrams reports: Pharmaceutical giant Novartis says no sensitive data was compromised in a recent cyberattack by the Industrial Spy data-extortion gang. Industrial Spy is a hacking group that runs an extortion marketplace where they sell data stolen from compromised organizations. Yesterday, the hacking group began selling data allegedly stolen from Novartis on their Tor…
FBI thwarts cyberthreat against Boston Children’s Hospital by hackers sponsored by Iranian government
WCVB reports: Hackers sponsored by the Iranian government tried to get into the computer systems of Boston Children’s Hospital last year; however, they were stopped with the help of the Boston Division of the FBI, officials announced Wednesday. […] In the summer of 2021, the FBI said officials received a report from another intelligence agency…
Are victims of Netgain ransomware incident first being notified now?
Accounting firm Perkins & Co. in Portland Oregon has submitted a notification to the Vermont Attorney General’s Office about a breach that goes back to 2020 — the Netgain ransomware incident that impacted numerous clients and individuals. According to Perkins’ notification, Netgain first notified them of the breach in December 2020. So why did it…
School Board hacked after emails of contractors compromised
Emily Burleigh reports: The Calcasieu Parish School Board has been the victim of a cyber fraud incident. “Because we at the Calcasieu Parish School Board believe in full honesty and transparency, we want to make stakeholders aware of a cyber fraud incident involving our district,” CPSB spokesperson Holly Holland said in a statement to the American…
Today’s exercise in reading between the lines
A recent notification by Aon had DataBreaches wondering exactly what went on with their incident response. Consider their description of what happened: What Happened? On February 25, 2022, Aon identified a cyber incident that, upon investigation, impacted a limited number of systems. Once the incident was discovered, Aon immediately retained leading cybersecurity firms to assist…