On September 24, Karakurt threat actors added Yakima Valley Radiology PC to their leak site. Their listing claimed that they acquired 9.31 GB of files including “financial reports, client lists with contacts, list of patients for 15 years (212579 rows), a database of social security numbers (including staff, doctors) with 766000 rows.” Karakurt did not…
Category: U.S.
States settle with Morgan Stanley for $6.5 million over data security incidents
In addition to Florida, represented by Consumer Protection Division Multistate and Privacy Bureau Chief Patrice Malloy and Senior Assistant Attorney General Diane Oates, the following states joined the action: Connecticut, Indiana, New Jersey, New York and Vermont. To view a copy of the agreement, click here. Source: MyFloridaLegal.com
CISA Releases The Mitigation Guide: Healthcare and Public Health (HPH) Sector
Today, CISA released the Mitigation Guide: Healthcare and Public Health (HPH) Sector as a supplemental companion to the HPH Cyber Risk Summary, published July 19, 2023. This guide provides defensive mitigation strategy recommendations and best practices to combat pervasive cyber threats affecting this critical infrastructure sector. It also identifies known vulnerabilities for organizations to assess their…
Rackspace racks up $12M bill in ransomware raid recovery
How much does incident response cost following a ransomware attack? Would you believe $12 million and counting? Rackspace’s costs from last year’s ransomware infection continue to mount: the cloud hosting biz told America’s financial watchdog, the SEC, its total expenses to date regarding that cyberattack have reached $12 million – so far. The extortionware raid…
CMS Notifies Additional Individuals Potentially Impacted by MOVEit Data Breach
As part of an ongoing investigation into the May 2023 data breach of Progress Software’s MOVEit Transfer software on the corporate network of Maximus Federal Services, Inc. (Maximus Federal Services), a contractor to the Medicare program, the Center for Medicare & Medicaid Services (CMS) has learned of additional individuals whose personally identifiable information (PII) may…
Is a new ransomware group’s listing for Decatur Independent School District linked to an attack in September?
Decatur Independent School District in Texas was added to Inc Ransomware’s leak site on Wednesday. There is no summary or description of what the threat actors claim to have done or acquired. There is no countdown clock or timer, and there is no indication of how much money is being demanded. There is a proofpack….