The News Tribune reports that the Capital Region Medical Center in Missouri has started notifying patients whose protected health information (PHI) was accessed during a ransomware incident in December, 2021 that left their phone systems and network down for several days. CRMC had disclosed the incident promptly but had not been able to immediately determine…
Class action lawsuit against UKG over Kronos Private Cloud ransomware incident
A class action lawsuit has been filed in a California federal court against workplace management software company UKG Inc. UKG makes timekeeping and payroll management software and offers Kronos Private Cloud services. As a result of a ransomware attack in December, employees of the firm’s clients were not paid at all, were paid late, or…
Report: Recent 10x Increase in Cyberattacks on Ukraine
Brian Krebs reports: As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten times the normal number of phishing and malware attacks targeting Ukrainians. Read more at KrebsOnSecurity.com
SEC Proposes Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies
Washington D.C., March 9, 2022 — The Securities and Exchange Commission today proposed amendments to its rules to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. “Over the years, our disclosure regime has evolved to reflect evolving risks and investor needs,” said SEC Chair Gary Gensler. “Today,…
HHS Cybersecurity Update: Conti Ransomware Update
TLP: White Report: 202203101700 March 10, 2022 Conti Ransomware (Update) Executive Summary Conti is a ransomware group that has aggressively targeted healthcare organizations since it was first observed in 2019. Conti ransomware attacks have targeted the healthcare industry, major corporations, and government agencies, particularly those in North America. In typical Conti ransomware attacks, the…
287,652 South Denver Cardiology Associates patients notified of breach
South Denver Cardiology Associates (SDCA) recently disclosed that it began the new year with a data security breach that they first detected on January 4. Initiating their incident response plan, their investigation determined that an unauthorized person accessed their network between January 2, 2022 and January 5, 2022. During that time, certain files stored on…