Mathew J. Schwartz reports: Many ransomware-wielding attackers are expert at preying on their victims’ compulsion to clean up the mess. Hence victims often face a menu of options: Pay a ransom for a decryptor, and you’ll be able to unlock forcibly encrypted data. Pay more, and your name gets deleted from the list of victims…
New Data Quantifies Ransomware Attacks on Healthcare Providers
Hannah Neprash and Alan Z. Rozenshtein write: In a new JAMA Health Forum Original Investigation, we and our co-authors address this data gap. We have created the Tracking Healthcare Ransomware Events and Traits (THREAT) database, a comprehensive accounting of 374 ransomware attacks on U.S. healthcare delivery organizations from 2016-2021. To assemble this database we used…
Ransomware group claims to have encrypted Centro Médico Virgen De La Caridad
Hive has added yet another medical entity to its leak site. This time, it’s Centro Médico Virgen De La Caridad health system in Cartagena, Spain. The system consists of two hospitals (Cartagena and Caravaca), 20 polyclinics, 23 physiotherapy clinics, and 16 dental clinics throughout Murcia and Orihuela Costa. In addition, the group has one aesthetic…
Bristol Community College acknowledges ransomware attack
Stephen Peterson reports: The computer systems of Bristol Community College were hacked in a “ransomware” incident, college officials acknowledge. The college, which has a campus in Attleboro, said in a statement posted Friday on its website their computer network was hacked by a “criminal cyberattack” and “this incident involved ransomware encryption.” Read more at The…
Los Angeles’ Housing Authority hit by LockBit – Claim
If folks in Los Angeles were upset about the ransomware incident involving the Los Angeles Unified School District, they might want to buckle up before reading this: It appears that LockBit 3.0 has managed to compromise and exfiltrate data from the Housing Authority of the City of Los Angeles (HACLA). Municipal housing authorities collect and…
2023 New Year’s Resolution: Don’t Get “Whacked” By A State AG for Cybersecurity Compliance
Joe Lazzarotti of Jackson Lewis writes: It usually happens after a reported data breach. The organization experiencing the breach sends notifications to affected individuals, as well as federal and or state agencies where appropriate and perhaps other parties. Not long thereafter, the organization receives an inquiry from one or more government agencies. These inquiries typically…