On October 13, AlphV threat actors added Morrison Community Hospital to their dark web leak site. Within hours, it appeared to have been removed. Today, it was re-listed with this commentary by AlphV: HUGE LEAK COMING! SQL + DATA = 5TB Given that we haven’t received a clear response from MCH representatives, we’ve decided to…
Casio discloses data breach impacting customers in 149 countries
Sergiu Gatlan reports: Japanese electronics manufacturer Casio disclosed a data breach impacting customers from 149 countries after hackers gained to the servers of its ClassPad education platform. Casio detected the incident on Wednesday, October 11, following the failure of a ClassPad database within the company’s development environment. Evidence suggests that the attacker accessed customers’ personal…
RagnarLocker ransomware dark web site seized in international sting
Carly Page reports: An international group of law enforcement agencies have seized the dark web portal used by the notorious RagnarLocker ransomware group, TechCrunch has learned. A message on the RagnarLocker website now states that, “this service has been seized by a part of a coordinated international law enforcement action against the RagnarLocker group.” According…
Hacker leaks millions of new 23andMe genetic data profiles
Lawrence Abrams reports: A hacker has leaked an additional 4.1 million stolen 23andMe genetic data profiles for people in Great Britain and Germany on a hacking forum. Earlier this month, a threat actor leaked the stolen data of 1 million Ashkenazi Jews who used 23andMe services to find their ancestry info and genetic predispositions. 23andMe told BleepingComputer…
Cuba ransomware gang demands $1.9 million for decryption key; Rock County refuses
WCLO reports an update to the ransomware attack experienced by Rock County, Wisconsin in September after they were attacked by the Cuba ransomware gang: Rock County officials are refusing to pay the $1.9 million hackers are seeking to unlock files that were encrypted during a recent ransomware attack. … Smith says fortunately all critical systems…
Personal Touch Holding settles NY Attorney General’s lawsuit stemming from 2021 ransomware incident: will pay $350k, improve security
From a press release from the NYS Attorney General’s Office today: New York Attorney General Letitia James today secured $350,000 from a Long Island-based home health care company, Personal Touch Holding Corporation (Personal Touch), for failing to protect vulnerable New Yorkers’ personal information and health care data. Personal Touch’s poor data security made it vulnerable to…