In August, I noted a ransomware attack on Marin Medical Practices Concepts (MMPC), a business associate providing billing and EMR services to many physicians. The ransomware prevented the physicians from accessing patient records for more than 10 days, and Marin decided to pay an undisclosed amount of ransom. In an August 4 statement, however, they…
Category: U.S.
InfoArmor: Yahoo Data Breach Investigation
Well, it seems InfoArmor is calling b.s. on claims that Yahoo! was hacked by state actors. The overview from their report: Yahoo was compromised in 2014 by a group of professional blackhats who were hired to compromise customer databases from a variety of different targeted organizations. Some of their initial targets, which occurred in 2012…
NJ Spine Center saw no other option but to pay ransom
Oof. This notification from the New Jersey Spine Center, sent to patients on September 22, describes a real disaster where not only essential patient files and credit card information were locked up, but their most recent backup was too. No wonder they paid the ransom. On July 27, 2016, our computer systems were attacked by a malware…
NY: 488 affected by data breach in Mastic Beach
News12 reports: The village of Mastic Beach says 488 residents may have had their personal information stolen in a data breach by a former employee pretending to be the chief of police. Mayor Maura Spery says an 18-month audit discovered a former village employee illegally accessed highly personal information from a law enforcement database. “The…
Two more hacks with ransom demands, but is anyone paying? Part 2.
As noted in Part 1, hackers continue to issue ransom demands, but going to the media to put pressure on hacked entities does not seem to have improved their chances of convincing their victims to pay the ransom. In Part 1, I reported on what appears to be a hack of VI Pay, Inc., a payroll…
Ex-Verizon worker accused of selling customer phone records
Jeff Martin of AP reports: A former Verizon Wireless technician is accused of using the company’s computers to obtain customers’ private call records — plus data showing where customers’ phones were — and then selling them to an unnamed private investigator, federal prosecutors said. Daniel Eugene Traeger, who worked in Alabama, sold the confidential information…