Lawrence Abrams reports: A victim’s insurance company convinced the UK courts to freeze a bitcoin wallet containing over $800K worth of a ransomware payment. […] After making the ransom payment, the insurance carrier did something very smart. Read more on BleepingComputer.
IL: District 155 system access ‘limited’ after ransomware attack, no data breach, officials say
Cassie Buchman reports: Access to Crystal Lake Community High School District 155’s information systems currently is limited after its computers were infected with ransomware sometime Friday. Read more on Northwest Herald (subscription required)
Regis University paid ransom after cyberattack last fall
Noel Brennan reports: Six months after Regis University computers were targeted in a cyberattack, the university hosted a conference to help government agencies, businesses and schools better defend and recover from similar attacks. […] “Regis did pay the ransom to get the systems back up as quickly as we could,” said Jennifer Forker, a spokesperson…
Maze Team updates its site, dumps more victims’ data
The Maze Team attackers continue to announce more of their ransomware victims that have not complied with their ransom demands, and they continue to dump data from those who do not pay them. When I checked their site again today, I noticed that they had announced that they have dumped all their files on the…
Breached Wawa Payment Card Records Reach Dark Web
Both Gemini Advisory and KrebsOnSecurity caught this one quickly. From Gemini Advisory: Joker’s Stash began uploading records as advertised on January 27. The breach was titled “BIGBADABOOM-III” and appeared in four different bases. The records included the state geolocation information, but not the city or ZIP Code as previously announced. The listed geolocation data for…
VillageCareMAX & VillageCare Rehabilitative & Nursing Center Notices of Data Privacy Incident After Business Email Compromise
The following is part of the notice Village Senior Services Corporation d/b/a VillageCareMAX posted on their website. Note that the attacker was apparently requesting names and Medicaid ID numbers, which makes me wonder what the plan for misuse was — insurance fraud, perhaps? VillageCareMAX (“VCMAX”) is providing notice of an incident that may affect the…