AP reports: A Ukrainian man has pleaded guilty to involvement in two separate malware schemes including a cyberattack at the University of Vermont Medical Center in 2020 that temporarily shut down some of its vital services and cost it tens of millions of dollars, according to the U.S. Department of Justice. Vyacheslav Igorevich Penchukov, also…
Category: U.S.
Update on INTEGRIS Health data breach: incident response criticized by patients
In December, INTEGRIS Health disclosed a cyberattack in November in which threat actors contacted patients directly to extort them when INTEGRIS wouldn’t pay their demands. DataBreaches subsequently reported additional details. On February 6, INTEGRIS updated its breach notice. The updated website notice incorporates the kind of language that advocates for transparency and data protection may…
PA: Washington County pays $350,000 ransom after cyberattack
Chris Hoffman reports: The Washington County Board of Commissioners formally voted on Thursday on handling the recent cyberattack. Some have questioned the transparency of the process. The questions about transparency have been because of secret and emergency meetings. According to the solicitor, some of that was because of the deadlines set up by the cybercriminals….
Quest Diagnostics pays $5M after mixing patient medical data with hazardous waste
Jessica Lyons reports: Quest Diagnostics has agreed to pay almost $5 million to settle allegations it illegally dumped protected health information – and hazardous waste – at its facilities across California. This sum won’t hurt at all for the corporation, one of the largest clinical medical lab networks in the US. In all, Quest is…
U.S. Internet Leaked Years of Internal, Customer Emails
Brian Krebs reports: The Minnesota-based Internet provider U.S. Internet Corp. has a business unit called Securence, which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. But until it was notified last week, U.S. Internet was publishing more than a decade’s worth of its internal email — and that of thousands of…
New Jersey law enforcement officers sue 118 data brokers for not removing personal info
Suzanne Smalley reports: Over the course of the last week, 118 class action lawsuits were filed against data brokers who allegedly failed to respond to requests from about 20,000 New Jersey law enforcement personnel asking to remove their personal information from the internet. New Jersey law prohibits the disclosure of home addresses and unpublished telephone…