Mariella Moon reports: The state agencies of Maine had fallen victim to cybercriminals who exploited a vulnerability in the MOVEit file transfer tool, making them the latest addition to the growing list of entities affected by the massive hack involving the software. In a notice the government has published about the cybersecurity incident, it said the event…
UK: Nearly £2 million of stolen cryptocurrency to be paid back to victims
An interesting press release from the South East Regional Organised Crime Unit (SEROCU): Around £1.9 million worth of stolen cryptocurrency is to be paid back to victims of theft as a result of work by the South East Regional Organised Crime Unit (SEROCU). On 27 January this year, 40-year-old Wybo Wiersma, of Het Weike, Goredijk,…
PJ&A data breach also affected millions of Northwell Health patients (1)
News12 on Long Island reports that the Perry Johnson & Associates (PJ&A) breach reported previously on this site has also affected Northwell Health, a major health system on Long Island. PJ&A is the same medical transcription service vendor whose breach affected 1.2 million patients of Cook County Health in Illinois. That health system was notified…
Leader of $70M Cryptocurrency and Binary Options Fraud Schemes Extradited to the U.S.
November 3 – A Serbian man has been extradited to the United States, where he faces charges in two separate federal indictments in the Northern District of Texas and Eastern District of New York for his alleged participation in coordinated cryptocurrency and binary options schemes. On Feb. 3, pursuant to a request for provisional arrest…
Paging regulators to Aisle 4 to look at Pacific Union College’s data security and breach disclosure
On November 8, Pacific Union College in California notified the Maine Attorney General’s Office of a breach in March 2023 that impacted 56,041 people. Their notification, submitted by external counsel at McDonald Hopkins, indicates that the breach occurred between March 5 and March 19, 2023 and was discovered on October 9, 2023. That discovery date…
Bitter Pill: Third-Party Pharmaceutical Vendor Linked to Pharmacy and Health Clinic Cyberattack
Team Huntress writes: In a concerning development within the healthcare sector, Huntress has identified a series of unauthorized access that signifies internal reconnaissance and preparation for additional threat actor activity against multiple healthcare organizations. The attackers abused a locally hosted instance of a widely-used remote access tool, ScreenConnect—utilized by the company Transaction Data Systems (which…