There are a number of journalists or sites that monitor news and legal notices for disclosures of breaches involving protected health information (PHI). And it’s tempting, when you see that the entity is a business, to just skip on by. But don’t. If a business has a health plan for employees, then they may be…
Category: U.S.
VA: Greensville County Public Schools hit by Grief threat actors
Grief threat actors have added another k-12 district to their list of victims who have refused to pay their ransom demands. Greensville County Public Schools in Emporia, Virginia was added to Grief’s dark web leak site on September 21. But by September 15, the district had already disclosed that they were dealing with a cyberware…
State-sponsored hacking group targets Port of Houston using Zoho zero-day
Catalin Cimpanu reports: A suspected state-sponsored hacking group has attempted to breach the network of the Port of Houston, one of the largest port authorities in the US, using a zero-day vulnerability in a Zoho user authentication appliance, CISA officials said in a Senate hearing today. Port officials said they successfully defended the attack, and “no…
MN: Crystal Valley Computer Systems Infected By Ransomware Attack
Southern Minnesota News reports: Mankato-based Crystal Valley says a ransomware attack has infected their computer systems. The attack “severely interrupted” the daily operations, according to a company press release. Read more on SMN. The Crystal Valley Cooperative is a farm supply and grain marketing cooperative that serves Southern Minnesota and Northern Iowa, so this may…
Vermont radio stations dealing with fallout from BlackMatter cyberattack
Katharine Huntley reports: Listeners might not know it, but thousands of people in radio stations across the nation are working around the clock to get commercials on the air after they were targeted by Russian hackers. “It started with an email on Sunday night that you really don’t want to get,” Dan Dubonnet said. […]…
Ransomware Resources for HIPAA Regulated Entities
The HHS Office for Civil Rights (OCR) is sharing the following information to ensure that HIPAA regulated entities are aware of the resources available to assist in preventing, detecting, and mitigating breaches of unsecured protected health information caused by hacking and ransomware. HHS Health Sector Cybersecurity Coordination Center Threat Briefs: https://www.hhs.gov/about/agencies/asa/ocio/hc3/products/index.html#sector-alerts January 28, 2021 –…