In mid-November, DataBreaches reported that AlphV threat actors had added MeridianLink to their leak site. When their victim wouldn’t pay them, AlphV (aka “BlackCat”) filed a complaint with the Securities & Exchange Commission alleging that MeridianLink failed to comply with the SEC’s new cybersecurity rule requiring notification within four days of discovering a material breach….
Troubling attacks on medical sector continue: cancer center’s data leaked, specialty infusion pharmacies locked?
Attacks on the medical sector continue. Fred Hutchinson Cancer Center This week, the group known as Hunters International claimed responsibility for an attack on the Fred Hutchinson Cancer Center in Washington. Yesterday, they dumped data from an attack that allegedly included the exfiltration of 533.1 GB of files. Inspection of the tranche suggests that the…
Cyber Chaos in Ukraine: NoName Ransomware Strikes Prominent Targets
Ashish Khaitan reports: Ukraine has become the battleground for a cyber onslaught, with the NoName ransomware attack claiming responsibility for a series of attacks on various entities. The NoName ransomware attack has specifically targeted prominent organizations in Ukraine, as revealed by the threat actor on their dark web portal. The list includes the National Securities…
Israel-linked group claims cyberattack that shuts down 70% of Iran’s gas stations
Times of Israel staff and Agencies report: A hacking group that has previously been linked to Israel claimed on Monday to have paralyzed gas stations across Iran in a cyberattack. The group known as “Gonjeshke Darande,” or “predatory sparrow,” said that it had disabled “a majority of the gas pumps throughout Iran.” “This cyberattack comes…
MongoDB says customer data was exposed in a cyberattack
Lawrence Abrams reports: MongoDB is warning that its corporate systems were breached and that customer data was exposed in a cyberattack that was detected by the company earlier this week. In emails sent to MongoDB customers from CISO Lena Smart, the company says they detected their systems were hacked on Wednesday evening (December 13th) and…
Welltok databreach affects CHI St. Alexius patients
Elizabeth Shores reports: Patients at CHI St. Alexius are receiving letters from Welltok, Inc., a third-party vendor, about a significant data breach. Welltok said it learned at the end of July about a data leak that had taken place during the summer. Welltok said it notified St. Alexius about the extent of the leak on…