Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement with Syracuse ASC, LLC doing business as Specialty Surgery Center of Central New York, for potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security and Breach Notification Rules. Syracuse ASC is a…
Tag: ransomware
British institutions to be banned from paying ransoms to Russian hackers
Mason Boycott-Owen reports: Hospitals, local councils and operators of critical U.K. infrastructure are among the organizations who will be banned from paying ransoms to hackers under new plans unveiled by the British government. The move — which will cover all public sector bodies as well as the owners and operators of critical national infrastructure —…
Authorities released free decryptor for Phobos and 8base ransomware
Pierluigi Paganini reports: Japanese authorities released a free decryptor for Phobos and 8Base ransomware, allowing victims to recover files without paying. Japanese police released the free decryptor for ransomware families, which was likely built using intel from a recent gang takedown. The software can be downloaded from the police website and Europol’s NoMoreRansom site. The tool works on files with extensions like .phobos,…
Ransomware attack disrupts Korea’s largest guarantee insurer
Choi Ji-Won reported on Tuesday: Seoul Guarantee Insurance, South Korea’s largest provider of guarantee insurance, has been crippled by a ransomware attack, with its core systems offline for a third straight day. The incident began early Monday, when SGI reported an “abnormal symptom” in its database system. By Tuesday afternoon, a joint investigation by the…
The U.K. is considering prohibiting ransom payments. It’s a difficult issue.
How many times have the FBI and CISA urged entities NOT to pay ransom because it just encourages the attackers to attack more, while others suggest that a total ban would make things a lot worse? On January 14, the U.K. government opened a consultation, Ransomware legislative proposals: reducing payments to cyber criminals and increasing…
Two ransomware groups claimed they attacked Rutherford County Schools. One leaked sensitive records. (UPDATED)
From the “Wait-What-Happened-Here Dept:” On October 19, the Black Suit ransomware group announced that they had attacked Rutherford County Schools in Tennessee. Their listing, posted on their dark web site, included what appears to be an indication of what data and how much data they were able to exfiltrate. It did not indicate whether they…