Catalin CImpanu reports: In a security alert published on Thursday, US payments processor Visa revealed that two North American hospitality merchants were hacked and had their system infected with point-of-sale (POS) malware earlier this year. […] Visa published on Thursday a security alert [PDF] with a description of the two security breaches and the malware…
New Jersey hospital paid ransomware gang $670K to prevent data leak
Lawrence Abrams reports: University Hospital New Jersey in Newark, New Jersey, paid a $670,000 ransomware demand this month to prevent the publishing of 240 GB of stolen data, including patient info. The attack on the hospital occurred in early September by a ransomware operation known as SunCrypt, who infiltrates a network, steals unencrypted files, and then…
TX: Odessa residents suffer from second Click2Gov breach
Joshua Skinner reports: The city of Odessa recently had a data breach involving its online payment web portal, and this isn’t the first time it’s happened. The breach only affected users of the online Click2Gov system who made one-time payments for utility bills. Odessa uses Click2Gov as third-party provider software that allows people to pay…
Transport Malta hit by cyberattack, recovers after 5 days
Transport Malta was hit by a cyberattack during the night between September 25 and 26. They would only admit to a technical problem and gave no further details at the time, but 5 days later, the system is now back up and running. But they’re still not saying what happened or how. h/t, @Chum1ng0
NY: Former Information Technology Employee Of Hospital Sentenced To 30 Months In Prison For Computer Intrusion
From the SDNY, a press release involving an unnamed hospital in NYC. I’ll tell you more about this one after the press release: Audrey Strauss, the Acting United States Attorney for the Southern District of New York, announced that RICHARD LIRIANO was sentenced yesterday to 30 months in prison for engaging in a scheme to…
Magnolia Pediatrics notifies patients of a security incident after OCR tells them it’s reportable
Almost one year after Magnolia Pediatrics notified 11,000 patients about a ransomware attack on an unnamed IT vendor, they are now notifying more than 12,000 patients of another attack. This time, they wound up firing their vendor. According to a notification on their web site, on March 26, the Magnolia Pediatrics discovered a security incident….