The Urology Center of Colorado (TUCC) On September 8, TUCC detected an attack that began September 7. Their investigation revealed that patients’ name and one or more of the following data elements may have been date of birth, Social Security number, address, phone number, email address, medical record number, diagnosis, treating physician, insurance provider, treatment…
Update on impact of the Washington Central Unified Union School District ransomware attack
On October 28, this site noted a report that Washington Central Unified Union School District in Vermont had been the victim of an as-yet-unconfirmed ransomware attack. The district has now issued a notification that makes clear that personal and health information of students and personnel may have been accessed or acquired. Their announcement also indicates…
Technology vendor, mental health services provider, and pain management clinic all report breaches involving protected health information
QRS On August 26, healthcare technology services company QRS, Inc. (“QRS”) discovered that an attacker had compromised a patient portal and exfiltrated some files from that client’s server. The compromise had been detected within three days of the attack. The information the threat actor may have accessed or acquired may have included, depending on the…
US Defense Contractor Discloses Data Breach
Dark Reading reports: Electronic Warfare Associates (EWA), a US defense contractor, has confirmed a data breach in which attackers exfiltrated files containing personal information. The breach began with a phishing attack that had “some limited impact” on EWA email accounts, officials report in a notification letter. Their investigation determined an attacker broke into EWA email accounts…
bZx Network Hacked for $55M
Vishal Chawla reports: bZx, a widely-used DeFi protocol, has lost $55 million to an unknown hacker who it claims gained illegitimate access to its private key. It is still not clear how the hackers carried out the attack. Read more on Crypto Briefing although not much is known at the time of this posting.
INTERPOL-led operation takes down prolific cybercrime ring
Interpol has released more details about theJune, 2021 takedown and arrest of people associated with CLOP and other groups. The following is today’s press release: SEOUL, Korea – A 30-month transcontinental investigation and operation has resulted in arrests and Red Notices for suspects believed to be behind a global malware crime network. Two Red Notices,…