Ron Zeitlinger of The Jersey Journal reports: Social security numbers, driver’s licenses, payroll, health and other personal information of Hoboken workers and residents ― including dozens who applied for rental assistance during the pandemic ― was among the data stolen in the cyberattack last month, The Jersey Journal has confirmed. The Russia-linked ransomware group ThreeAM (also known as…
Anna Jaques Hospital notifies 316,300 people about 2023 ransomware attack
On Christmas, December 2023, Anna Jaques Hospital (AJH) in Massachusetts was grappling with a cyberattack that knocked out their EHR system and resulted in them having to divert ambulances to other area hospitals. On January 23, they posted a preliminary website notice (archived) about the attack. That notice was posted four days after threat actors…
Veterans Affairs’ Nurse Charged With Unlawfully Accessing Patient Health Information
Here’s today’s reminder of the insider threat. It’s a shame they don’t explain how the employee was able to access the patient’s information or why it was accessed. From the U.S.A.O. of the Western District of Michigan: GRAND RAPIDS – U.S. Attorney for the Western District of Michigan Mark Totten today announced that Jessica Nicole Pitcher,…
Developing: Blue Yonder ransomware attack claimed by Termite
Termite threat actor(s) have now claimed responsibility for the Blue Yonder ransomware attack that has caused widespread impact. They provide no proof as yet, but a note posted on their dark web leak site several hours ago says, “Our team got 680gb of data such as DB dumps Email lists for future attacks (over 16000)…
Alleged ShinyHunters member returned to France after prison in the U.S., now facing French charges
On January 9, 2024, DataBreaches reported that French national Sébastien Raoult had been sentenced in a Seattle federal court, but might be out in 11 months. As a suspected member of ShinyHunters, Raoult (aka “Sezyo Kaizen”) had been extradited to the U.S. after being detained in Morocco on his way home to France from a…
HHS OCR Imposes a $548,265 Penalty Against Children’s Hospital Colorado for HIPAA Violations
Not all monetary penalties are for breaches affecting large numbers of patients. In this case, HHS imposed a penalty on an entity that had breaches in both 2017 and 2020. DataBreaches notes that the 2017 incident affected 3,370 patients, and the 2020 incident affected 2,553 patients — as reported to HHS at the time. Today,…