Mary Katherine Wildeman reports: United Healthcare customers in South Carolina may have seen their private information exposed in a data breach that happened last year, the company said in a disclosure Friday. First and last names, health plan information and private medical claims data all could have been compromised, United said. The health insurance company…
More Maze Team victims are revealed
A few developments concerning ransomware attacks by Maze Team: Crossroads Technologies notifies a covered entity about ransomware attack I think I finally have some information on the Crossroads attack claimed by Maze Team on their site. So far, no one — not Crossroads Technologies and not CrossroadsNet have answered my repeated inquiries, despite the fact…
Fondren Orthopedic Group notifies patients after malware incident destroyed patient records
Fondren Orthopedic Group in Texas is notifying patients of Dr. K. Matthew Warnock of a malware incident on November 21, 2019. The attack corrupted and permanently damaged some patients’ records, but there was no evidence that other any records were accessed and copied or exfiltrated. According to their notice to HHS, they are notifying 30,049…
Lawsuit in India Seeks to Shut Down Access to U.S. Journalism Website
Naomi Gilens of EFF writes: Computer security researchers and journalists play a critical role in uncovering flaws in software and information systems. Their research and reporting allows users to protect themselves, and vendors to repair their products before attackers can exploit security flaws. But all too often, corporations and governments try to silence reporters, and…
Winnti Group targeting universities in Hong Kong
Mathieu Tartare writes: In November 2019, we discovered a new campaign run by the Winnti Group against two Hong Kong universities. We found a new variant of the ShadowPad backdoor, the group’s flagship backdoor, deployed using a new launcher and embedding numerous modules. The Winnti malware was also found at these universities a few weeks…
FL: Clinic worker pleads guilty to identity theft
Austin L. Miller reports: A 49-year-old Leesburg woman pleaded guilty in the federal courthouse in Ocala Thursday to charges of aggravated identity theft and wire fraud. Stacey Lavette Hendricks faces up to 20 years behind bars on the wire fraud charge, followed by a mandatory two-year term for identity theft, according to federal authorities. Read…