Ben Leonard and Chelsea Cirruzzo of Politico report: YOU’VE BEEN HACKED. NOW WHAT? Health care companies are retaining help — often from Silicon Valley — to manage ransomware attacks. The debilitating breaches at Change Healthcare, owned by UnitedHealth Group, in February and Ascension last month come as the Cybersecurity and Infrastructure Security Agency warns of a specific…
UK to propose mandatory reporting for ransomware attacks and licensing regime for all payments
“Mother, May I?” UK entities may need permission to make ransom payments. Alexander Martin reports: Officials in Britain are set to propose a major overhaul of how the country responds to ransomware attacks by requiring all victims to report incidents to the government, and then obliging those victims to seek a license before making any…
Russian Access Broker “FlankerWWH” Indicted for Cybercrime Activities in New Jersey
A Russian citizen has been indicted for working as an “access broker” and selling unauthorized access to computer networks, including a victim company in New Jersey, U.S. Attorney Philip R. Sellinger, District of New Jersey. Evgeniy Doroshenko, 31, aka “Eugene Doroshenko”, aka “FlankerWWH,” aka “Flanker,” of Astrkhan, Russia, is charged by indictment with one count…
Fi: Hacker could have personal information of every schoolkid in Helsinki, City says
YLE News reports: The perpetrator of a major hacking of the City of Helsinki’s education division’s database could have accessed the personal information of all compulsory school aged children in the capital, as well as their parents or guardians, the city has revealed in a press release. City authorities announced last week that the data breach affected about…
Superior Air-Ground Ambulance Service notifies more than 850,000 patients of cyberattack last year
Superior Air-Ground Ambulance Service, Inc. {“Superior”) has locations in five states: Illinois, Indiana, Ohio, Michigan, and Wisconsin. On May 10, they notified HHS of an incident affecting 858,238 patients. A notice on their website explains that they discovered unusual activity in their network in May 2023. “On June 23, 2023, the investigation determined that an…
Tx: CentroMed discloses a second data breach within one year (UPDATE 1)
In August 2023, El Centro Del Barrio (“CentroMed”) reported a breach that affected 350,000 patients. The incident, which had been claimed by Karakurt threat actors in June, involved patients’ names, addresses, dates of birth, Social Security numbers, financial account information, health insurance plan member IDs and claims data. A check of Karakurt’s leak site today…