TLP: White Report: 202203101700 March 10, 2022 Conti Ransomware (Update) Executive Summary Conti is a ransomware group that has aggressively targeted healthcare organizations since it was first observed in 2019. Conti ransomware attacks have targeted the healthcare industry, major corporations, and government agencies, particularly those in North America. In typical Conti ransomware attacks, the…
287,652 South Denver Cardiology Associates patients notified of breach
South Denver Cardiology Associates (SDCA) recently disclosed that it began the new year with a data security breach that they first detected on January 4. Initiating their incident response plan, their investigation determined that an unauthorized person accessed their network between January 2, 2022 and January 5, 2022. During that time, certain files stored on…
Altoona Area School District data shows up on dark web months after cyberattack
Nicole Fuschino reports: A.A.S.D. Superintendent Dr. Charles Prijatelj said this morning that back in early December of last year the school had an attack on their “routing server” after which they started working with a high-end security software on all of the district servers. However, this week district administration was contacted by employees saying they…
After delaying notification so as not to interfere with criminal investigation, GreenSlate makes notification of data breach
GreenSlate is notifying employees of some of its clients about a breach involving a rogue Canadian employee. According to their notification template submitted to the California Attorney General’s Office, on December 22, 2021, the firm’s security team detected that between December 10 and December 15, 2021, an employee in Canada had downloaded scanned paperwork and…
U.S. Congress Passes Cyber Incident and Ransom Payment Reporting Requirement
Energy, financial services, food and agriculture, healthcare, information technology, defense industrial base, and other critical infrastructure entities in the United States will face new cyber incident reporting requirements as a result of the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (the Act), enacted by the U.S. Congress on March 10, 2022. Read more…
Protenus releases the 2022 Breach Barometer report on health data breaches: More than 50 million affected
Protenus, a healthcare compliance analytics company, has released its annual Breach Barometer report. Protenus has been making its annual report on health data incidents freely available since 2016 as the result of an ongoing collaboration between the firm and DataBreaches.net. DataBreaches.net compiles incidents and provides some of their statistical analyses and is compensated for its…