Gabrielle Lewis reports: Four class action lawsuits alleging Frederick Health Hospital failed to protect patients’ sensitive data during a ransomware attack in January were filed this month. These lawsuits accuse FHH of having inadequate cybersecurity measures, neglecting its obligation to protect patient data, improperly notifying the people affected by the data breach and putting individuals…
Scattered Spider Hacking Suspect Extradited to US From Spain
Margi Murphy reports: An alleged member of the notorious Scattered Spider cybercrime group was extradited from Spain to the US on Wednesday, according to a Department of Justice official. Tyler Buchanan, a 23-year-old from Scotland, was arrested last year over his alleged involvement in the theft of sensitive data about American consumers and tens of…
ELENOR-corp Ransomware: A New Mimic Ransomware Variant Attacking the Healthcare Sector
Michael Gorelik of Morphisec writes: Morphisec recently investigated an incident involving a new variant of one of the most aggressive ransomware families: Mimic version 7.5. First observed in 2022, Mimic remains relatively underreported in the public domain, aside from a detailed analysis of Mimic version 6.3 that was previously published by Cyfirma and Kaspersky. Target Audience: This threat analysis…
Former Disney employee who hacked Disney World restaurant menus in revenge sentenced to 3 years in federal prison
When a former Disney World employee was accused of changing the menus at Disney World restaurants, it made headlines. And in January, when he admitted to changing the menus — including information about allergy information that could have created serious health risks for diners — that also made headlines. Now Michael Scheuer, who faced 10…
No need to hack when it’s leaking (CORRECTED)
Please note the correction at the bottom of this post. Researcher Jeremiah Fowler recently discovered an unsecured database with protected health information (PHI) that appeared to be linked to Atrium Health in North Carolina. As reported at WebsitePlanet, there were 21,344 records with a total size of 6.99 GB. The database appeared to be an…
DOGE Sued Over Record Keeping, Failing to Reply to FOIA Requests
If breaches or insider wrongdoing by DOGE employees are suspected, DOGE’s alleged failure to maintain and make transparent required records makes investigation nearly impossible or actually impossible. Mallory Culhane reports: The Department of Government Efficiency and top Trump administration officials are being sued over the agency’s alleged violations of federal record-keeping and transparency laws. DOGE…