Joshua Skinner reports: The city of Odessa recently had a data breach involving its online payment web portal, and this isn’t the first time it’s happened. The breach only affected users of the online Click2Gov system who made one-time payments for utility bills. Odessa uses Click2Gov as third-party provider software that allows people to pay…
Transport Malta hit by cyberattack, recovers after 5 days
Transport Malta was hit by a cyberattack during the night between September 25 and 26. They would only admit to a technical problem and gave no further details at the time, but 5 days later, the system is now back up and running. But they’re still not saying what happened or how. h/t, @Chum1ng0
NY: Former Information Technology Employee Of Hospital Sentenced To 30 Months In Prison For Computer Intrusion
From the SDNY, a press release involving an unnamed hospital in NYC. I’ll tell you more about this one after the press release: Audrey Strauss, the Acting United States Attorney for the Southern District of New York, announced that RICHARD LIRIANO was sentenced yesterday to 30 months in prison for engaging in a scheme to…
Magnolia Pediatrics notifies patients of a security incident after OCR tells them it’s reportable
Almost one year after Magnolia Pediatrics notified 11,000 patients about a ransomware attack on an unnamed IT vendor, they are now notifying more than 12,000 patients of another attack. This time, they wound up firing their vendor. According to a notification on their web site, on March 26, the Magnolia Pediatrics discovered a security incident….
Northern California casino shut down by external computer attack
Sam Stanton reports: Northern California’s Cache Creek Casino Resort, which has been shut down since Sept. 20 because of what it called a “systems infrastructure failure,” confirmed Wednesday that its computer systems were the target of an outside attack and that the incident is under investigation. “While our investigation is ongoing, we have confirmed the cause was an external…
Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments
The U.S. Department of the Treasury has issued an advisory for companies that help negotiate ransomware payments. A footnote to the advisory notes that it is “explanatory only and does not have the force of law. It does not modify statutory authorities, Executive Orders, or regulations. It is not intended to be, nor should it…