Sunflower Medical Group has notified 220,968 people of a December attack by Rhysida. According to their submission to the Maine Attorney General’s Office and their notification letter to those affected, the Kansas-based group of independent physicians detected the attack on January 7, 2025. Investigation revealed that it had occurred on December 15, 2024. The day…
Attorney General James Sues National General and Allstate Insurance for Failing to Protect New Yorkers’ Personal Information
NEW YORK – New York Attorney General Letitia James today filed a lawsuit against several insurance companies doing business as National General and Allstate Insurance Company (Allstate) for failing to protect New Yorkers’ personal information from cyberattacks. In 2020 and 2021, National General suffered a pair of back-to-back data breaches that exposed the driver’s license numbers of…
Endless Mountains Health Systems affected by cyberattack; patients alerted to situation
Endless Mountains Health Systems (EMHS) in Pennsylvania has been dealing with a cyberattack that has impacted its operations and some of its systems. They have not stated whether it is a ransomware incident or not. EMHS announced the attack on March 5 on its website, but had already been noting problems on its Facebook page…
Akira ransomware gang used an unsecured webcam to bypass EDR
The Akira ransomware gang exploited an unsecured webcam to bypass EDR and launch encryption attacks on a victim’s network. Pierluigi Paganini reports: Cybersecurity researchers at S-RM team discovered a novel attack technique used by the Akira ransomware gang. The ransomware group used an unsecured webcam to encrypt systems within a target’s network, bypassing Endpoint Detection…
SSK Plastic Surgery discloses it experienced a hack and extortion attempt in 2024
Another plastic surgery practice has revealed that it was the victim of a cyberattack with an extortion demand. SSK Plastic Surgery in California recently notified the California Attorney General’s Office of an incident. The state’s website indicates that SSK Plastic Surgery reported that the breach occurred on March 20, 2024 and was discovered or ended…
Extensive US public school employee data compromise reported from Carruth Compliance Consulting breach
SC Media reports: Oregon-based third-party retirement plan administrator Carruth Compliance Consulting had information from more than 40,000 public school teachers and employees in California, Illinois, New York, Oregon, and Pennsylvania exfiltrated following a December attack by the newly emergent Skira Team hacking group, which purported the theft of data from 36 public schools across the…