Fundraising and customer relationship management software provider Blackbaud has reached a $3 million settlement agreement with the Securities and Exchange Commission over allegations it made "misleading disclosures about a 2020 ransomware attack that impacted more than 13,000 customers."
In the latest weekly update, ISMG editors discuss important cybersecurity and privacy issues, including how the new U.S. cybersecurity strategy doubles down on hitting ransomware, how the strategy shifts liability issues to vendors, and why check fraud is on the rise and what can be done about it.
Community Health Systems will soon begin notifying up to 1 million individuals estimated to have been affected by data compromise when attackers exploited a zero-day vulnerability in vendor Fortra's GoAnywhere MFT, which is secure managed file transfer software.
A healthcare revenue cycle management software vendor is facing a proposed class action lawsuit in the aftermath of a December data exfiltration attack affecting nearly 251,000 patients. Ransomware group Royal took credit for the attack, allegedly leaking samples of the stolen data on its leak site.
Hackers disrupted medical care at a major Barcelona hospital, found out the wireless plans of 9 million AT&T users and stole data of almost 140,000 Hatch Bank customers. Patrons of Chick-fil-A got a nasty surprise. Plus, a breach hit Acer and another one affected members of the U.S. Congress.
Key to the business success of top ransomware groups remains their ability to find innovative new ways to amass victims. For Hive, which received more than $100 million in ransom payments before being disrupted by law enforcement, the new business strategy that helped it thrive was co-working.
Arctic Wolf has expanded its security operations platform into threat intelligence, incident response and cyber insurance, says CEO Nick Schneider. The company has focused on putting businesses in the best possible position to answer questions from insurance carriers following a security incident.
Russian-speaking ransomware gang BlackCat is leaking data stolen from a Pennsylvania-based healthcare group, including photos of breast cancer patients. The gang posted screenshots of patient diagnoses of a handful of patients and pictures of breast cancer patients disrobed from the waist up.
Play ransomware hackers attempting to extort the San Francisco Bay Area city of Oakland dumped 10 gigabytes of stolen information over the weekend and threatened that more dumps may come. Researchers have spotted similarities between the Play, Hive and Nokoyawa ransomware groups.
Technologists were quick to point out that popular AI-based chatbot, ChatGPT, could lower the bar for attackers in phishing campaigns and even write malware code, but Cato Networks' Etay Maor advises taking these predictions "with a grain of salt" and explores the pros and cons of ChatGPT.
Police in Germany and Ukraine detained two suspected core members of a ransomware criminal group with a track record of attacking hospitals and emergency services. Seized electronics may lead to additional arrests of members of the group, who are accused of spreading DoppelPaymer ransomware.
The Biden administration's national cybersecurity strategy emphasizes bolstering critical infrastructure sector protections, including setting minimum security requirements and enhancing collaboration. But observers says the industry needs more resources and a better security posture to comply.
The Royal ransomware group targeting critical infrastructure in the United States and other countries is made up of experienced ransomware attackers and has strong similarities to Conti, the infamous Russia-linked hacking group, according to a new alert issued by U.S. authorities.
The Biden administration, in its new national cybersecurity strategy, is doubling down on its efforts to combat ransomware, in part by designating it as a national security problem. Experts say this puts more "instruments of national power" - including military options - at the president's disposal.
When OrthoVA CIO, Terri Ripley, made the decision to send all non-clinical personnel to work from home in the early days of the pandemic, she knew there were risks but prioritized patient, physician, and staff safety first.
Ripley says they weren’t prepared to have the workforce safely access their systems...