Update: This incident was reported to HHS as affecting 1,362,470 patients. The Centers for Medicare and Medicaid (CMS) has posted a notice on its site about a data breach at one of its contractors, Maximus Federal Services, Inc. Maximus was one of hundreds of victims of a 0day attack on MOVEit file transfer software by the…
SSNDOB Marketplace Admin Pleads Guilty To Charges Related To His Operation Of A Series Of Websites
July 25 — Tampa, Florida – United States Attorney Roger B. Handberg, along with Special Agent in Charge Kareem Carter for the IRS – Criminal Investigation Washington D.C. Field Office, and Special Agent in Charge David Walker for the FBI – Tampa Division, announces that Vitalii Chychasov (37, Ukraine) has pleaded guilty to conspiracy to…
Hawaiʻi Community College pays ransom to attackers
Law enforcement and experienced ransomware professionals generally advise victims not to pay any ransom demands. Yet the University of Hawaiʻi Community College decided that they would pay following an attack that they first disclosed on June 13. So why did they make that decision? In a statement on their website this week, they explain: After…
NH: Lebanon students to finally receive grades from June after cyberattack delay
Nora Doyle-Burr reports: Middle and high school students in the Lebanon School District are expected to receive their grades for the academic year that ended in June next week. The delayed release comes after some of the district’s key systems were taken offline as a precaution following a June cyberattack. PowerSchool, a student information database where…
Read more Health3PT Releases Blueprint for Third Party Risk Management to Fix the Ineffective Cyber Risk Assessment Process for the Healthcare Industry
Survey finds 60% of covered entities and 72% of their vendors believe today’s third-party risk management practices are not effective: new guidance provides a consistent set of practices to reduce cyber risk for the health industry FRISCO, Texas–July 27, 2023–The Health 3rd Party Trust (Health3PT) Initiative today announced the release of the Health3PT Recommended Practices &…
ALPHV ransomware adds data leak API in new extortion strategy
Ionut Ilascu reports: The ALPHV ransomware gang, also referred to as BlackCat, is trying to put more pressure on their victims to pay a ransom by providing an API for their leak site to increase visibility for their attacks. […] Multiple researchers spotted earlier this week that the ALPHV/BlackCat data leak site added a new…