Coastal Medical Group, Old Bridge, is notifying patients of a data security incident that involved the patients’ health information. On April 21, the practice discovered that certain of its computer systems were being affected by a data security event that the practice believes began on March 25, 2021, according to a prepared statement. After discovering…
TX: Judson ISD investigating possible ransomware attack affecting district communication, officials say
Judson ISD officials say they are investigating a possible ransomware attack that left them without phone or email access. The school district announced the “suspected but unconfirmed ransomware attack” Friday afternoon in a release. Read more on KSAT. The district took to Twitter to announce status reports. Judson ISD Technology Update 06/17/2021 #JudsonISD #JISD pic.twitter.com/nZORmHjKB2…
Fake DarkSide gang targets energy, food industry in extortion emails
Lawrence Abrams reports: Threat actors impersonate the now-defunct DarkSide Ransomware operation in fake extortion emails sent to companies in the energy and food sectors. […] In a new report, Trend Micro researchers reveal that a new extortion campaign started in June where threat actors are impersonating the DarkSide ransomware gang. “Several companies in the energy…
First American Financial Pays Farcical $500K Fine – Krebs
Brian Krebs reports: In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. [NYSE:FAF] was leaking more than 800 million documents — many containing sensitive financial data — related to real estate transactions dating back 16 years. This week, the U.S. Securities and Exchange Commission settled its investigation into the matter after the…
San Juan Regional Medical Center notifies 68,792 patients of cybersecurity breach
On June 4, 2021, San Juan Regional Medical Center (“SJRMC”) in New Mexico posted a breach notice on their web site. The notice said that SJRMC had identified unauthorized access to their network on September 8, 2020. Their subsequent investigation revealed that the threat actor removed files from the server on September 7-8, 2020. Following…
For hacked companies, paying a ransom may not work: Many say they paid but were attacked again
Hiawatha Bray reports: To pay or not to pay? For organizations victimized by ransomware, that’s a tricky question that may not have a good answer. A report from the Boston tech security firm Cybereason argues that paying off cybercriminals may not get businesses off the hook. In a global survey of nearly 1,300 security professionals, two-thirds said…