On June 13, the INC Ransom group added Maryhaven in Ohio to their leak site. DataBreaches subsequently contacted Maryhaven to inquire what it was doing in response to INC’s claims. They did not reply, but subsequently posted a notice on their website that said, in part: We are aware that some of our systems are…
Category: U.S.
Consulting Radiologists LTD notifying 583,824 patients about February attack
Two ransomware groups claimed to have attacked Consulting Radiologists. The notification is silent about any ransom demands. Consulting Radiologists LTD. (“CRL”)” in Minnesota is a physician-owned practice. On February 12, 2024, they detected suspicious activity on their network. An investigation revealed that an unauthorized actor had accessed certain files and data. Those files contained patient…
SEC Charges R.R. Donnelley for Ransomware Attack Response
Hunton Andrews Kurth writes: On June 18, 2024, the U.S. Securities and Exchange Commission (“SEC”) announced a settlement with R.R. Donnelley & Sons Co. (“RRD”), a global provider of business communication and marketing services, for violating the internal controls and disclosure controls provisions of federal securities laws in relation to Donnelley’s response to a 2021 ransomware attack….
Red Tape Is Making Hospital Ransomware Attacks Worse
Matt Burgess reports: Crippling ransomware attacks against hospitals and health care providers are on the rise. These ruthless cyberattacks can take medical systems offline for weeks—canceling appointments and surgeries and causing harm to patients. Doctors and nurses are plunged into crisis situations where they resort to using pen and paper, while IT staff work to make…
Los Angeles USD confirms data stolen from a vendor (1)
On June 6, an individual calling themself “Satanic,” listed data for sale that was allegedly from the Los Angeles Unified School District. The listing, seeking $5,000.00 claimed to include 24 million student records and additional records from employees. At the time, DataBreaches did not post anything about the listing because inspection of the sample data…
Patients at Ascension hospital network given dangerous doses of narcotics after disastrous cyberattack
Alexa Lardieri reports: A cyberattack on a major American hospital system has caused dangerous medication mix ups including patients administered narcotics by mistake, leading to an admission to intensive care for life-threatening breathing difficulties. In another case, a female patient suffered a cardiac arrest and died after data mishaps delayed test results that would determine her…