Sometime between Feb. 2 and March 9 of this year, Cummins Behavioral Health Systems (CBHS) in Indiana became a victim of a cyberattack. CBHS is a private not-for-profit organization providing behavioral health services in Boone, Hendricks, Marion, Montgomery, Putnam, and surrounding counties in Central and West Central Indiana. It provides care to persons of all…
Category: U.S.
US cyber body to review cloud computing safety, Microsoft breach
Reuters reports: August 11 — A U.S. cyber safety body will review issues relating to cloud-based identity and authentication infrastructure that will include an assessment of a recent Microsoft (MSFT.O) breach that led to the theft of emails from U.S. government agencies, the Department of Homeland Security (DHS) said on Friday. The review by the Cyber…
Ransomware attack continues to disrupt two Connecticut hospital systems
CT Post reports: A ransomware attack continued to disrupt some services Friday at two Connecticut health care systems owned by Prospect Medical Holdings. Eastern Connecticut Health Network, which operates Manchester Memorial Hospital and Rockville General Hospital in Vernon, and Waterbury Health, which operates Waterbury Hospital, reported on their websites Friday that some services and locations…
Florida Healthy Kids notified by Maximus of MOVEit breach
Florida Healthy Kids is a state-created entity that provides health and dental insurance for Florida children aged 5-18. On Friday, they joined the unhappy ranks of those affected by the MOVEit breach that has affected more than 600 organizations already. In this case, it was their vendor, Maximus, who issued the notification. The number of…
White House Announces Efforts to Strengthen K-12 Schools’ Cybersecurity
Joseph J. Lazzarotti of JacksonLewis writes: In a 2019 post about increasing cyber risks in K-12 schools, we cited a report, “The State of K-12 Cybersecurity: 2018 Year in Review,” that contained sobering information about cybersecurity in local school districts across the country. According to that report, in 2018, there were 122 publicly-disclosed cybersecurity incidents…
HC3: Sector Alert: Rhysida Ransomware
August 4, 2023 TLP:CLEAR Report: 202308041500 Executive Summary Rhysida is a new ransomware-as-a-service (RaaS) group that has emerged since May 2023. The group drops an eponymous ransomware via phishing attacks and Cobalt Strike to breach targets’ networks and deploy their payloads. The group threatens to publicly distribute the exfiltrated data if the ransom is not…