Mar 222018

Sean Gallagher reports:

The city of Atlanta government has apparently become the victim of a ransomware attack. The city’s official Twitter account announced that the city government “is currently experiencing outages on various customer facing applications, including some that customers may use to pay bills or access court-related information.”

According to a report from Atlanta NBC affiliate WXIA, a city employee sent the station a screen shot of a ransomware message demanding a payment of $6,800 to unlock each computer or $51,000 to provide all the keys for affected systems. Employees received emails from the city’s information technology department instructing them to unplug their computers if they noticed anything suspicious. An internal email shared with WXIA said that the internal systems affected include the city’s payroll application.

Read more on Ars Technica.

Mar 202018

WHEC  reports that Finger Lakes Health  is functioning the old-fashioned way while its computer system remains locked up by an unspecified type of ransomware:

The agency said that an outside party is demanding payment to let it access its files.

The agency was notified of the breach around midnight Sunday. Officials at Finger Lakes Health say right now, there’s no indication patient or employee information has been compromised.

CORRECTION:  A previous version of this post incorrectly identified Finger Lakes Health System, a/k/a Common Ground, as being the breached entity. A spokesperson for Common Ground Health contacted to say, “Common Ground Health (formerly Finger Lake Health Systems Agency) is not connected to Finger Lakes Health, which experienced the data breach. Common Ground Health did not have a data breach.”  It seems this site wasn’t the only one that confused the names, as news media had initially, and incorrectly, reported the breach as involving Finger Lakes Health System. apologizes for the error.

Mar 172018

From their press release, issued yesterday:

Atrium Hospitality, the hotel and assessment for the Holiday Inn Sacramento, is notifying three hundred and seventy-six (376) hotel guests of an event that could potentially impact the security of certain information. Although we are unaware of any actual or attempted misuse of the information, Atrium Hospitality is providing potentially impacted guests with information about the event, steps taken since discovering the event, and what can be done to better protect against potential harm resulting from this event.

On December 8, 2017, Atrium Hospitality discovered that a workstation at the Holiday Inn Sacramento was potentially impacted by ransomware. Atrium Hospitality immediately removed the workstation from its network and commenced an investigation, with the assistance of a third-party forensic investigation firm, to determine what happened. As part of the investigation, Atrium Hospitality determined that the malware had potentially malicious capabilities.

On February 14, 2018, Atrium Hospitality determined that one or more of the following for three hundred and seventy-six (376) hotel guests was potentially accessible: name, driver’s license number, passport number, and credit or debit card information.  Atrium will notify one hundred and eighty-two (182) of the affected guests by U.S. Mail.  Atrium did not have address for the remaining one hundred and ninety-four (194) guests.

Atrium Hospitality is mailing letters to the impacted guests.  Atrium Hospitality is also disclosing this incident to certain state regulators as required.

Atrium Hospitality is unaware of any actual or attempted misuse of the information, and emphasizes that it cannot confirm whether the information was actually accessed. Nevertheless, Atrium Hospitality encourages the impacted guests to review financial statements, monitor credit reports, and to immediately report all suspicious activity to the institution that issued the record.

SOURCE Atrium Hospitality

via PRNewswire

Mar 082018

Rick Mellerup reports:

The Pinelands Regional School District is grappling with a crippling virus. Don’t worry, you don’t have to keep your kids home from school. It’s a computer virus, a malware program that has infected many of the district’s computers.

For example, the last time the board of education’s budget committee met, it wasn’t able to accomplish much. The reason – a draft budget couldn’t be accessed because of the virus.

According to Pinelands computer tech Phil Holman, who was present Monday evening to livestream the school board meeting so community members could watch from home, the virus, called Emotet, recently wreaked havoc in Allentown, Pa.

Read more on The SandPaper.