It appears that a ransomware incident involving VPN Solutions LLC may have affected a number of covered entities, although so far, DataBreaches.net has only identified two confirmed cases: Surgery Group SC On December 17, Surgery Group SC in Illinois notified HHS about an incident impacting 500 patients. DataBreaches.net interprets that 500 number as a marker…
Category: U.S.
Virtual Care Provider Sues Rivals, Alleging Data Theft, Patent Violation
Anuja Vaidya reports: MDsave, a direct-to-consumer virtual marketplace for healthcare services, has filed a lawsuit against three of its competitors alleging they stole and exploited MDSave’s protected data and intellectual property. The lawsuit accuses the defendants, Sesame, Green Imaging, and Tripment, of misappropriating MDSave’s protected data, falsely advertising their services, directly interfering with MDSave’s relationships with its…
Ransomware gang coughs up decryptor after realizing they hit the police
Lawrence Abrams reports: The AvosLocker ransomware operation provided a free decryptor after learning they encrypted a US government agency. Last month, a US police department was breached by AvosLocker, who encrypted devices and stole data during the attack. However, according to a screenshot shared by security researcher pancak3, after learning that the victim was a government…
Another T-Mobile cyberattack reportedly exposed customer info and SIMs
Mitchell Clark reports: T-Mobile has suffered another cyberattack after being rocked by a massive data breach in August. This time around, attackers accessed “a small number of” customers’ accounts, according to documents posted by The T-Mo Report. According to the report, customers either fell victim to a SIM swapping attack (which could allow someone to bypass SMS-powered two-factor authentication), had…
SD: Brown County received notification of a breach when computer system shut down in August
Elisa Sand reports: Months after the Brown County computer system was down for an extended stretch, a few details about the incident are being confirmed. Emergency Management Director Scott Meints said the incident started on Aug. 1 when the county’s information technology department received a notification that an external agency had set up malware to…
Kearsarge Regional School District notified parents of data security incident
On November 4, external counsel for Kearsarge Regional School District in New Hampshire notified the New Hampshire Attorney General’s Office about a data security breach. According to the notification, on August 27, the threat actor was able to access and possibly acquire a file containing information on 1,825 students enrolled in the district’s meal plan…