On August 17, 2023, SouthCoast Medical Group (Southcoast Health) in Georgia notified HHS of a breach and posted a preliminary substitute notice on its website. At the time, they reported to HHS that 501 patients were affected, a marker for when an entity doesn’t yet know the actual number but knows it will be more…
Cyber Attack May Have Exposed Alabama Student, Teacher Data
Rebecca Griesbach reports: The Alabama State Department of Education experienced a data breach in June that may have compromised some student and employee data, officials announced Wednesday. On June 17, information system staff interrupted and stopped an attack on the department’s computer system before hackers could fully access the system or lock it, according to…
Florida health department data captured in cyberattack, hackers claim
Lawrence Mower, Romy Ellenbogen, and Christopher O’Donnell report: A hacker group claims it has breached the Florida Department of Health and gained access to a large amount of potentially sensitive data on Floridians. The RansomHub ransomware group said in a post on the dark web that it will release 100 gigabytes of department data unless the…
Operation Morpheus: Europol coordinates global action against criminal abuse of Cobalt Strike
Europol issued the following press release on July 3: Law enforcement has teamed up with the private sector to fight against the abuse of a legitimate security tool by criminals who were using it to infiltrate victims’ IT systems. Older, unlicensed versions of the Cobalt Strike red teaming tool were targeted during a week of…
Assessing the Disruptions of Ransomware Gangs
Intel 471 took a look back at law enforcement attempts to disrupt ransomware groups and at the recent Operation Cronos. Their timeline begins in 2021. The report looks at the immediate impact of disruptions and then the long-term impact. Do disruptions really make a significant — and lasting — dent in the problem, or are…
ShinyHunters Leak What They Claim Are 33M Twilio Authy Phone Numbers, Neiman Marcus and Truist Bank Data
Waqas reports: ShinyHunters hackers have taken responsibility for three high-profile data breaches involving Neiman Marcus, Truist Bank, and Twilio Authy, compromising personal details of millions of users and tens of thousands of employees. The infamous ShinyHunters hacking group, known for their recent Ticketmaster data breach, has struck again with a series of new attacks. This time,…