Abigail Ruhman reports: Indiana Attorney General Todd Rokita is suing a northwest Indiana medical office over a ransomware event that put personal and protected health information at risk. The lawsuit alleges the provider was aware of security concerns before the data breach. The lawsuit filed last week against CarePointe — an ear, nose, throat, sinus...

David Bell reports: In a press release issued Friday, Mt. Graham Regional Medical Center announced it is dealing with a “cybersecurity incident.” The release states the attack affected the hospital’s communication and information systems, and officials are working with law enforcement and other system experts to determine the extent of the hack, including if...

Earlier today, DataBreaches provided a small update on U.S. medical entities recently attacked or leaked by AlphV (BlackCat). Other groups also continue to attack health care entities. Here are a few: Monti added Cascade Family Dental to their leak site on October 1 with a note: About 130 Gb was downloaded. At 12 October...

Today’s part of the interview with the hacker known as “Umbreon” is brought to you by the letter “R.”  In this case,”R” is for Restitution, Remorse and Regrets, and Reparations. As with previous segments, this was conducted by telephone over days and weeks. The transcript has been edited for length and clarity. For those...

MNGI Digestive Health was only one of several medical entities AlphV recently listed. The biggest one is their attack on McLaren Health, where they write: It would have been more interesting if a Mclaren representative had talked in an interview about how they asked not to publish the stolen data and skillfully wanted to...

On September 25, DataBreaches reported that AlphV had claimed to have attacked MNGI Digestive Health.  MNGI never responded to this site’s inquiries at that time or since then. On September 29, AlphV announced  “TIME IS UP” and leaked more than 800 GB of what they claim is 2+ TB of data they acquired, adding:...

Past coverage on DataBreaches about Sebastien Raoult can be found linked from “Raoult.” Since he was first detained in 2022, both he and everyone involved in ShinyHunters have denied that he was ever part of that group, yet DOJ seems to have gotten him to plea to a conspiracy count involving ShinyHunters.  From the...

SSN reports: A technology outage that impacted rail operations for the Norfolk Southern Corporation late Friday evening on September 29, have been ruled not a cyber-attack following an update from the company on Saturday. That Friday evening, Norfolk Southern’s data center experienced an outage that impacted rail operations that included their dispatching system, train...

Progress Software WS_FTP Critical Vulnerabilities Executive Summary Progress Software, the maker of the MOVEit file transfer software which was widely exploited by the CL0P ransomware-as-a-service (Raas) group, has released a new advisory regarding multiple vulnerabilities in the WS_FTP Server, a file transfer product. Two of the vulnerabilities were rated as critical and are being...