Britain's The Guardian newspaper has asked staff to continue working from home until Jan. 23 as the company continues to resolve issues with its network, which was compromised by ransomware hackers in December. The attack affected on-premises infrastructure but left cloud-based systems unscathed.
Rackspace says the ransomware-wielding attackers who disrupted its hosted Microsoft Exchange Server environment last month wielded a zero-day exploit, described by CrowdStrike as being "a previously undisclosed exploit method for Exchange," to gain remote, direct access to servers it hosted.
The BlackCat ransomware-as-a-service group created a spoofed website closely mimicking the website of a victim in order to spread stolen data online. The victim is a small U.S. accounting firm whose stolen files apparently include tax returns and passport scans.
A Toronto pediatric hospital says it has restored nearly two-thirds of the systems affected by a mid-December ransomware attack but will evaluate whether to use a decryptor supplied by the LockBit ransomware-as-a-service group. LockBit says an affiliate violated a policy against attacking hospitals.
Many ransomware-wielding attackers are expert at preying on their victims' compulsion to clean up the mess. Witness victims' continuing willingness to pay a ransom - separate to a decryptor - in return from a promise from extortionists that they will delete stolen data. As if.
One of Europe's busiest ports is added to the list of LockBit ransomware victims. The hacking group targeted Portugal's Port of Lisbon on Christmas Day, giving the facility a deadline of Jan.18 to pay a ransom of $1.5 million in exchange for deletion of their data.
Expel has released its latest quarterly threat report, which looks at continued identity-based attacks and the impact of MFA fatigue. Jon Hencinski shares insights on attack trends, gaps in compensating controls and what to look for in pre-ransomware activity.
California hospital operator Scripps Health has agreed to pay $3.57 million in "minimum cash settlements" of $100 per victim, plus some additional types of expenses, to settle a class-action lawsuit filed by victims of a 2021 data breach perpetrated by ransomware-wielding attackers.
One of the primary healthcare systems in the northwestern Italian city of Alessandria has been listed as a recent victim of the Ragnar Locker ransomware group, which has leaked stolen data and appears to be continuing to try and extort the organization.
Hospitals must not only prepare in advance for ransomware and other debilitating attacks on their organizations, but also for responding to the effect of cyber incidents at neighboring facilities, says Dr. Christian Dameff of the University of California San Diego.
Hackers stole and leaked personal data for nearly 270,000 patients and employees of Louisiana's Lake Charles Memorial Health System as part of a ransomware attack for which Hive claimed credit. Patients and regulators have just been informed about the October attack.
Global Cyber Alliance CEO Philip Reitinger shares updates on the alliance's Internet Integrity and Capacity & Resilience programs, which tackle key challenges of internet infrastructure, privacy and safety. Success is measured by the number of partners and "who is using the platform," he says.
Many healthcare organizations struggle to recover from ransomware attacks, putting clinical procedures and patient safety in jeopardy during the process, says Steve Cagle, CEO of privacy/consulting firm Clearwater. "They need to think about how the technology is supporting the business," he says.
Nearly a week after a ransomware attack forced a network shutdown at Toronto's Hospital for Sick Children, patients are still experiencing delays in treatment and diagnostic procedures. The hospital says it has restored some systems, phones and websites, but the recovery process could take weeks.
An Ohio software developer that attempted to use business insurance to pay for a 2019 ransomware attack was stymied by the Ohio Supreme Court. The justices unanimously decided for Owners Insurance Company against greater Dayton-based EMOI, writing that the developer didn’t experience physical loss.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.