SuspectFile reports: The American Renal Associates (ARA) provides care to patients suffering from end-stage renal disease (ESRD) and is one of the largest dialysis service providers in the United States. In a previous article, we reported on the theft of PHI and PII data from the servers of American Renal Associates by the Medusa ransomware group, which…
Hacker fakes his own death to avoid paying $100,000 in child maintenance
Raoul Simons reports: A computer hacker faked his own death to avoid paying over $100,000 in outstanding child support to his ex-wife, according to court documents. Jesse E. Kipf, 39, pleaded guilty to one count of aggravated identity theft and one count of computer fraud at a Kentucky court on March 29. According to his…
Contract Class Certified in CareFirst Data Breach Lawsuit 9 Years After Legal Action was Initiated
Steve Alder reports: A lawsuit against CareFirst BlueCross BlueShield that was filed in response to a 2014 data breach has had a contract class certified by a federal judge, 9 years after legal action was initiated. The lawsuit can now proceed and more than 1 million plan members are a step closer to obtaining damages. In…
K12 SIX Applauds Launch of K-12 Education Cybersecurity Council
On March 28, 2024, the U.S. Department of Education—in coordination with the Cybersecurity and Infrastructure Security Agency (CISA)—held the kickoff meeting of the Education Facilities Subsector Government Coordinating Council (GCC), designed to facilitate formal, ongoing collaboration between all levels of government and the education sector on issues of K-12 cybersecurity risk management. Organized in response…
On Q Financial announces data breach, law firm feeding frenzy follows
On April 2, Arizona-based On Q Financial notified the Maine Attorney General’s Office of a breach the mortgage lender experienced. Within days, law firms announced investigations into the breach and sought potential class action members. Was there anything particularly unique that would trigger a legal feeding frenzy? No. But On Q Financial holds financial data…
HC3: Sector Alert: Social Engineering Attacks Targeting IT Help Desks in the Health Sector
April 3, 2024 TLP:CLEAR Report: 202404031000 Executive Summary HC3 has recently observed threat actors employing advanced social engineering tactics to target IT help desks in the health sector and gain initial access to target organizations. In general, threat actors continue to evolve their tactics, techniques, and procedures (TTPs) to achieve their goals. HC3 recommends various…