Rocio Hernandez reports: A Clark County judge on Thursday denied the Clark County School District (CCSD)’s motion to dismiss a class action lawsuit over a 2023 cybersecurity breach — an unexpected development considering the judge previously said she leaned toward dismissing the case. The lawsuit, filed Oct. 31, said the breach led to the compromise…
Category: U.S.
Palomar Health Medical Group’s computer systems still down nearly 2 months after ‘suspicious activities’
Alexander Nguyen reports: Palomar Health Medical Group’s (PHMG) phones and computer systems are still down after “suspicious activities” nearly two months ago. Palomar Health said it discovered the problem on May 5, which was affecting certain computer systems, and quickly took those systems offline to prevent the spread of possible malware. The health care system…
Blackcat may be gone, but recovery from its attacks is not over
The AlphV (aka Blackcat) ransomware group may have disappeared after a law enforcement seizure in December, and then an exit scam by its admin in March, but the impact of some of its breaches continues. While the Change Healthcare breach continues to make headlines, earlier breaches by Blackcat also continue to impact victims. In July…
Maryhaven addiction and treatment centers hit by ransomware attack
On June 13, the INC Ransom group added Maryhaven in Ohio to their leak site. DataBreaches subsequently contacted Maryhaven to inquire what it was doing in response to INC’s claims. They did not reply, but subsequently posted a notice on their website that said, in part: We are aware that some of our systems are…
Consulting Radiologists LTD notifying 583,824 patients about February attack
Two ransomware groups claimed to have attacked Consulting Radiologists. The notification is silent about any ransom demands. Consulting Radiologists LTD. (“CRL”)” in Minnesota is a physician-owned practice. On February 12, 2024, they detected suspicious activity on their network. An investigation revealed that an unauthorized actor had accessed certain files and data. Those files contained patient…
SEC Charges R.R. Donnelley for Ransomware Attack Response
Hunton Andrews Kurth writes: On June 18, 2024, the U.S. Securities and Exchange Commission (“SEC”) announced a settlement with R.R. Donnelley & Sons Co. (“RRD”), a global provider of business communication and marketing services, for violating the internal controls and disclosure controls provisions of federal securities laws in relation to Donnelley’s response to a 2021 ransomware attack….