Today, the Polish authorities are announcing the arrest of 4 suspected hackers as part of a coordinated strike against cybercrime. Those arrested are believed to be among the most active cybercriminals in the country. This operation was carried out by the Polish Police Centre Bureau of Investigation (Centralne Biuro Śledecze Policji) under the supervision of…
Fallout From The Ransomware Attack At Illinois Valley Community College Is Still Far From Over
Peter Medlin has an update on the Pysa (mespinoza) ransomware attack on Illinois Valley Community College that was first disclosed in April. The college had not paid the ransom demand, and has continued to work to recover from the attack. Medlin notes: In the months since the ransomware incident, IVCC has had to rebuild and…
Interim Report on Blackbaud Breach: 5.6 million patients and counting…
Since our first interim report, DataBreaches.net has continued to compile reports that mention patient information that was disclosed to Blackbaud and that may have been accessed or exfiltrated by ransomware threat actors in the data breach discovered in May. Despite the criminals pinky-swearing that they wouldn’t misuse the data and would destroy it all in…
Maryland Man Sentenced to Prison for Intentionally Damaging the Computers of His Former Employer
From DOJ, this press release today about a case where a former employee exceeded previously authorized access: A Maryland man was sentenced by U.S. District Judge Catherine C. Blake today to 12 months and one day in federal prison, followed by three years of supervised release, for illegally accessing and damaging the computer network of…
More drama in the world of ransomware? Was Vard Group victimized twice?
Now what happened here? The Sodinokibi (“REvil”) ransomware operators have a new post that seems to claim that one of their victims was defrauded by a recovery company to the tune of $5.5 million. Vard Group, a Norwegian unit of shipbuilder Fincantieri SpA, was attacked in June 2020. But what happened next? It sounds like the…
OH: Stark Summit Ambulance notified patients and employees of data breach
Ohio-based Stark Summit Ambulance has disclosed a data security incident impacting employees and patients. On May 28, 2020, the firm learned of unusual activity involving one Stark Summit Ambulance employee email account. Over the next few months, as they continued investigating, they discovered more employee email accounts that had been compromised. By the end of July,…