Attorneys general across 33 states have reached settlements for three health data breaches that affected nearly 2 million people, including a $1.4 million settlement for a clearinghouse that left patient data exposed for three years. The AGs accused the firms of violating state laws and HIPAA rules.
European police in Paris this week arrested a man accused of being a key developer of Ragnar Locker ransomware. A joint action led by French authorities resulted in one arrest and the questioning of five suspects located in Spain and Latvia in coordinated action that began Monday.
The Clop ransomware operation's recent mass zero-day exploit of Progress Software's MOVEit secure managed file transfer software followed the criminals launching similar attacks against users of Accellion FTA, SolarWinds Serv-U and Fortra GoAnywhere.
The FBI is warning plastic surgery practices and their patients of cybercriminals targeting their sensitive health information and medical photos for extortion schemes. The alert followed recent hacking incidents at several plastic surgery practices involving data theft.
The data leak and negotiation sites for the Ragnar Locker ransomware group went offline Thursday after an international law enforcement operation, backed by the FBI and police in Europe, seized its infrastructure. Whether the disruption spells the end for Ragnar Locker remains unclear.
Pro-Ukrainian hackers claimed responsibility for wiping the servers of the Trigona ransomware gang, a recently formed group that may have links to the Russian cybercriminal underground. "'Terrible Russian hackers,' yeah, yeah," wrote a self-described spokesman for the Ukrainian Cyber Alliance.
The Kansas Supreme Court said it is probing a "security incident" that has disrupted access to IT systems also used by the state's Court of Appeals and every District Court but one, leaving them unable to accept electronic filing of documents or process some cases.
Federal authorities are warning healthcare organizations and the public health sector of threats involving NoEscape, a relatively new multi-extortion ransomware-as-a-service group believed to be a successor to the defunct Russian-speaking Avaddon gang.
Ransomware-wielding attackers are targeting unpatched versions of FTP software that is widely used by large enterprises, including government and educational organizations. A researcher released proof-of-concept exploit code for WS_FTP software just one day after Progress Software issued its patch.
As organizations face the constant threat of ransomware attacks, it's essential to understand the nature of this pervasive threat and how organizations can respond effectively, said Angus Clarke, vice president, BSO, Mastercard. The obvious answer is never pay a ransom - most of the time.
Cloud compromises and supply chain attacks are overshadowing ransomware as the top cyberthreats worrying healthcare sector organizations - but all such incidents are still viewed as significant risks to patient outcomes and safety, said Ryan Witt of Proofpoint, citing new research findings.
A recent attack by a Russian ransomware-as-a-service group that stole the personal information of 2.5 million patients of McLaren Health Care has triggered at least three proposed federal class action lawsuits in recent days, claiming the healthcare company failed to protect patient privacy.
Hotel and casino giant MGM Resorts says the recent hack attack against it cost $110 million in lost revenue and mitigation expenses. The publicly traded company expects to recoup losses and costs to date via cyber insurance. MGM Resorts says that its investigation remains ongoing.
Clorox said Wednesday an August cyberattack had caused a drop in the bleach manufacturing giant's sales and profits in the quarter ended Sept. 30. The company said organic sales will drop between 21% and 26% due to widespread disruption, order processing delays and product outages after the hack.
Fundraising software powerhouse Blackbaud will pay $49.5 million to settle a multistate investigation into the company's data security practices and its response to a 2020 ransomware attack. The firm must also enhance its security and not misrepresent its data security practices.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.