Apr 232018

Zack Whittaker reports:

Atlanta spent more than $2.6 million on recovery efforts stemming from a ransomware attack, which crippled a sizable part of the city’s online services.

The city was hit by the notorious SamSam ransomware, which exploits a deserialization vulnerability in Java-based servers. The ransom was set at around $55,000 worth of bitcoin, a digital cryptocurrency that in recent weeks has wildy fluctated in price.

But it’s understood that the ransom was never paid — because the portal used to pay the ransom (even if the city wanted to) was pulled offline by the ransomware attacker.

Read more on ZDNet.

Apr 232018

Stephanie Barry reports on a case that I don’t recall ever hearing about before:

Jury selection will begin this morning in the trial of Rita Luthra, a former gynecologist accused of violating patient confidentiality laws, witness tampering and lying to federal investigators.

The case against Luthra, of Longmeadow, is a significantly watered-down version of the original criminal indictment brought in 2015 against the former physician, That charged an alleged kickback scheme involving a pharmaceutical company, which Luthra denied.


She now faces three revised criminal charges after the government dismissed its original indictment. Those are one count of violating the Health Information Portability and Accountability Act (HIPAA), one count of witness tampering, and one count of obstruction of a criminal health care investigation.

Read more on MassLive.

Apr 232018

Sum Lok-kei reports:

Hong Kong’s second-largest residential broadband provider will purge the data of 900,000 former customers, as well as reducing how long it holds information, after a hack last week compromised the data of hundreds of thousands of customers.

Hong Kong Broadband Network (HKBN) announced the new security measures as CEO William Yeung Chu-kwong admitted on Monday the hacked personal information of 380,000 current and former customers was stored in an unencrypted database.

Read more on South China Morning Post.

Apr 232018

Brian Krebs reports:

MEDantex, a Kansas-based company that provides medical transcription services for hospitals, clinics and private physicians, took down its customer Web portal last week after being notified by KrebsOnSecurity that it was leaking sensitive patient medical records — apparently for thousands of physicians.

On Friday, KrebsOnSecurity learned that the portion of MEDantex’s site which was supposed to be a password-protected portal physicians could use to upload audio-recorded notes about their patients was instead completely open to the Internet.

Read more on KrebsOnSecurity.

Apr 232018

Ryan Ross reports:

The P.E.I. government’s website appears to have been the victim of a ransomware attack.

Visitors to some pages on the website this morning were met with a screen that said “Oops, your website have been encrypted!”

The page warned that files on the website were encrypted and no longer accessible.

Read more on The Guardian.

Miguel Gomez adds that the payment demanded by the attackers was 0.0057 BTC, approximately USD $50.00.

Read more about why Gomez thinks this was likely a strain of WannaCry on  Cryptovest.