Canon publicly confirms August ransomware attack, data theft

Ionut Ilascu reports: Canon has finally confirmed publicly that the cyberattack suffered in early August was caused by ransomware and that the hackers stole data from company servers. BleepingComputer was the first to report the attack after tracking a suspicious outage on the cloud photo and video storage service (image.canon) that caused users to lose files....

Service provider to fertility clinics discloses malware attack

A press release from US Fertility (“USF”) follows.  The Center for Fertility and Gynecology in California is not listed among USF entities in the press release. I mention that because the Center for Fertility and Gynecology still has not posted anything on their site or issued any press release about a ransomware attack that...

Sophos notifies customers of data exposure after database misconfiguration

Catalin Cimpanu reports: UK-based cyber-security vendor Sophos is currently notifying customers via email about a security breach the company suffered earlier this week. “On November 24, 2020, Sophos was advised of an access permission issue in a tool used to store information on customers who have contacted Sophos Support,” the company said in an...

Happy Thanksgiving

  2020 has been so brutal that it feels almost risky to wish people a Happy Thanksgiving because I know that there are families who have lost loved ones this year and other families who are heeding advice not to travel or to gather in the large get-togethers you might otherwise enjoy on this...

Fairchild Medical Center server was exposing patient information for 4.5 years until a security firm alerted them

Ugh. Fairchild Medical Center had a misconfigured server exposing PHI from December 16, 2015 until they were alerted to the problem in late July by an unnamed security company who discovered the exposure. Here’s their press release, below. Note that this does not (yet) appear on HHS’s breach tool. YREKA, Calif., Nov. 25, 2020 /PRNewswire/ —...

PA: Part of Delaware County Computer System Down After Attacked By Hackers

Chad Pradelli and Cheryl Mettendorf report: Cybercriminals have attacked the Delaware County, Pennsylvania government network and taken it hostage. The criminals are demanding $500,000 to free it up. Sources told Action News, the cybercriminals gained control of the network on Saturday encrypting files, including police reports, payroll, purchasing, and other databases. Prosecution evidence, however,...