Ionut Ilascu reports: A decryption tool for a modified version of the Conti ransomware could help hundreds of victims recover their files for free. The utility works with data encrypted with a strain of the ransomware that emerged after the source code for Conti was leaked last year in March . Researchers at cybersecurity company...
In September 2022, Independent Living Systems LLC (ILS), a business associate in Florida, notified HHS and regulators of a network incident that affected 501 patients. They also provided public notice, but were unable to identify and notify all individuals who had been affected. The “501” was simply a marker to indicate “more than 500.”...
Rob Antle reports: The Newfoundland and Labrador government says the Hive ransomware group was behind a cyberattack that paralyzed the province’s health-care system a year and a half ago. But top government officials still won’t say whether they paid a ransom. “We can’t disclose anything about a request for a ransom, for security purposes,”...
The following lawsuit and press release were predictable. Could LVHN have protected sensitive patient information better? If so, is less than perfect security somehow “negligent?” And if they are found to be negligent, how will LVHN be held accountable, and how on earth will patients ever come close to being made whole from a...
The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), which President Biden signed into law in March 2022, required CISA to establish the RVWP (see Section 105 ). ALERT CISA Announces Ransomware Vulnerability Warning Pilot Release Date March 13, 2023 Today, CISA is announcing the creation of the Ransomware Vulnerability...
It’s hard to believe, but it has really been 17 years since PogoWasRight.org began blogging about breaches, and it’s been 14 years since this spinoff site, DataBreaches.net, opened. Since then, DataBreaches has often reported on criminals’ tactics to secure payment from victims, especially those in the healthcare sector. Thousands of archived posts on DataBreaches.net...
As many of us were waking up to a brand new year, DataBreaches reported that LockBit 3.0 had claimed an attack on the Housing Authority of the City of Los Angeles (HACLA). Screencaps of directories and some files were provided by LockBit as proof of claims. Numerous news outlets picked up the news of the...
They could have headlined this story as “Good security practices pay off.” Michael P. Buffer reports: A cyber attack on a server at the Wilkes-Barre Career and Technical Center was discovered Wednesday, and antivirus and backup procedures “prevented a catastrophe” and “a lot of problems,” Administrative Director Anthony C. Guariglia said Thursday. The regional...
Belgium: CHU St. Pierre Cyberattack DHnet in Belgium reports that Saint-Pierre hospital in central Brussels temporarily closed its emergency room and diverted line 112 to other institutions due to a cyberattack early Saturday morning. The attack reportedly disrupted the functioning of many applications, including patient records and telephone lines. By 5:00 pm Brussels...
BianLian Ransomware Pivots From Encryption to Pure Data-Theft Extortion