Marco A. De Felice reports: The ransomware group ALPHV (BlackCat) has published a first part of exfiltrated data from the Town of Iowa in the state of Louisiana. Approximately 250 scanned documents in PDF format have been released, some of which contain visible Social Security numbers (SSNs) of employees, employee salaries, balance sheets, birthdates, addresses,…
Category: U.S.
Exclusive: Advarra hacked, threat actors threatening to leak data (1)
Advarra describes itself as providing integrated solutions to safeguard trial participants, empowering clinical sites, ensuring compliance, and optimizing research performance for thousands of sponsors, contract research organizations, institutions, academic medical centers, and research consortia that it services. On or about October 25, Advarra was hacked and data was exfiltrated. According to one of the people…
HHS announces its first settlement in a ransomware case: Doctors’ Management Services
From HHS, this interesting press announcement: Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement under the Health Insurance Portability and Accountability Act (HIPAA) with Doctors’ Management Services, a Massachusetts medical management company that provides a variety of services, including medical billing and payor credentialing. The…
Colorado GOP Wants Inquiry into Delayed Notification of Data Breach
David Migoya reports: Colorado House Republican leaders on Monday called for an investigation into why Colorado’s higher education agency allegedly failed to timely report a massive data breach this summer. In a two-page letter hand-delivered to Gov. Jared Polis and Attorney General Phil Weiser, five state representatives also urged an inquiry into why thousands potentially…
Exclusive: Hackers claim they still have access to Clark County School District (CCSD), and reveal more details about hack and stolen data
When reviews of data breaches in the education sector are written for 2023, they will almost certainly mention the 2022 attack on the Los Angeles Unified School District that wasn’t fully disclosed until 2023 and the Minneapolis Public Schools breach. Both of those incidents involved threat actors leaking sensitive information on students. But any 2023…
Hackers Accessed 632,000 Email Addresses at US Justice, Defense Departments
Ari Natter reports: A Russian-speaking hacking group obtained access to the email addresses of about 632,000 US federal employees at the departments of Defense and Justice as part of the sprawling MOVEit hack last summer, according to a report on the wide-ranging attack obtained through a Freedom of Information Act request. The report, by the US…