Marianne Kolbasuk McGee reports: More than 100 medical associations and industry groups representing tens of thousands of U.S. doctors and healthcare professionals have banded together to urge federal regulators to hold Change Healthcare responsible for breach notifications related to a massive February ransomware attack. The groups in a letter Monday asked the U.S. Department of Health and…
US says cyberattacks against water supplies are rising, and utilities need to do more to stop them
Michael Phillis and Matthew Daly report: Cyberattacks against water utilities across the country are becoming more frequent and more severe, the Environmental Protection Agency warned Monday as it issued an enforcement alert urging water systems to take immediate actions to protect the nation’s drinking water. About 70% of utilities inspected by federal officials over the…
More than one year later, New Jersey school district reveals data breach with sensitive info
NJ 101.5 FM reports: A Monmouth County school district hid details about a cyber-attack for over a year. Only now are they revealing student’s sensitive personal data was compromised. Officials at Shore Regional High School District in West Long Branch began notifying families on Friday. On Monday they issued a public statement. […] Shore Regional…
Negotiating with health care hackers
Ben Leonard and Chelsea Cirruzzo of Politico report: YOU’VE BEEN HACKED. NOW WHAT? Health care companies are retaining help — often from Silicon Valley — to manage ransomware attacks. The debilitating breaches at Change Healthcare, owned by UnitedHealth Group, in February and Ascension last month come as the Cybersecurity and Infrastructure Security Agency warns of a specific…
UK to propose mandatory reporting for ransomware attacks and licensing regime for all payments
“Mother, May I?” UK entities may need permission to make ransom payments. Alexander Martin reports: Officials in Britain are set to propose a major overhaul of how the country responds to ransomware attacks by requiring all victims to report incidents to the government, and then obliging those victims to seek a license before making any…
Russian Access Broker “FlankerWWH” Indicted for Cybercrime Activities in New Jersey
A Russian citizen has been indicted for working as an “access broker” and selling unauthorized access to computer networks, including a victim company in New Jersey, U.S. Attorney Philip R. Sellinger, District of New Jersey. Evgeniy Doroshenko, 31, aka “Eugene Doroshenko”, aka “FlankerWWH,” aka “Flanker,” of Astrkhan, Russia, is charged by indictment with one count…