Infosecurity News
NHS Dumfries and Galloway Warns of “Significant” Data Theft
Scottish NHS trust reveals patient and staff data may have been taken in security breach
DarkReading
NHS Breach, HSE Bug Expose Healthcare Data in the British Isles
Whoopsies in Ireland and Scotland speak to a tenuousness of cyber protections for sensitive private healthcare data.
Infosecurity News
HSE Error Exposed Over a Million Irish Citizens’ Vaccine Status
An AppOmni researcher detailed a misconfiguration in the HSE COVID Vaccination Portal, exposing the health and personal data of over a million Irish citizens
CyberNews
Massive data leak in Irish Health Service Executive uncovered
The Health Service Executive (HSE) in Ireland accidentally exposed the private information of an estimated one million citizens in December 2021, a researcher has shared.
The DFIR Report
Lets Open(Dir) Some Presents: An Analysis of a Persistent Actor’s Activity - The DFIR Report
This report is a little different than our typical content. We were able to analyze data from a perspective we typically don’t get to see… a threat actor’s host! In … Read More
Bleeping Computer
The Week in Ransomware - December 1st 2023 - Police hits affiliates
An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries.
SecurityWeek
In Other News: Utilities Targeted by Hackers, Aerospace Attacks, Killnet Leader Unmasked
Utilities in the US and Europe targeted in cyberattacks, aerospace hacking, and Killnet Russian leader unmasked.
Cyber Security News
Slovenia’s Biggest Power Provider has Suffered a Cyberattack
HSE one of the biggest power providers in Slovenia was targeted by a serious cyberattack and control system as well as fire alarms.
Bleeping Computer
Slovenia's largest power provider HSE hit by ransomware attack
Slovenian power company Holding Slovenske Elektrarne (HSE) has suffered a ransomware attack that compromised its systems and encrypted files, yet the company says the incident did not disrupt electric power production.
Infosecurity News
Data Theft Overtakes Ransomware as Top Concern for IT Decision Makers
A recent survey conducted by Integrity 360 shows that data theft has overtaken ransomware as a top concern for some IT decision makers
Bleeping Computer
Shutterfly says Clop ransomware attack did not impact customer data
Shutterfly, an online retail and photography manufacturing platform, is among the latest victims hit by Clop ransomware. Over the last few months, Clop ransomware gang has been exploiting a vulnerability in the MOVEit File Transfer utility to breach hundreds of companies to steal their data and attempt extortion against them.
Ars Technica
Casualties keep growing in this month’s mass exploitation of MOVEit 0-day
The dramatic fallout continues, with as many as 122 organizations now breached.
Bleeping Computer
Siemens Energy confirms data breach after MOVEit data-theft attack
Siemens Energy has confirmed that data was stolen during the recent Clop ransomware data-theft attacks using a zero-day vulnerability in the MOVEit Transfer platform.
Bleeping Computer
Hackers steal data of 45,000 New York City students in MOVEit breach
The New York City Department of Education (NYC DOE) says hackers stole documents containing the sensitive personal information of up to 45,000 students from its MOVEit Transfer server.
Bleeping Computer
The Week in Ransomware - June 16th 2023 - Wave of Extortion
The MOVEit Transfer extortion attacks continue to dominate the news cycle, with the Clop ransomware operation now extorting organizations breached in the attacks.
Bleeping Computer
Millions of Oregon, Louisiana state IDs stolen in MOVEit breach
Louisiana and Oregon warn that millions of driver's licenses were exposed in a data breach after a ransomware gang hacked their MOVEit Transfer security file transfer systems to steal stored data.
Infosecurity News
Clop Starts MOVEit Extortion as New Bug is Discovered
Progress scrambles to release a new security update
Bleeping Computer
MOVEit Transfer customers warned of new flaw as PoC info surfaces
Progress warned MOVEit Transfer customers to restrict all HTTP access to their environments after info on a new SQL injection (SQLi) vulnerability was shared online today.
Bleeping Computer
Clop ransomware gang starts extorting MOVEit data-theft victims
The Clop ransomware gang has started extorting companies impacted by the MOVEit data theft attacks by listing them on a data leak site, a common extortion tactic used as a precursor for the public leaking of stolen data.
Infosecurity News
Ofcom Latest MOVEit Victim as Exploit Code Released
UK regulator admits hundreds of employees are impacted
Bleeping Computer
Exploit released for MOVEit RCE bug used in data theft attacks
Horizon3 security researchers have released proof-of-concept (PoC) exploit code for a remote code execution (RCE) bug in the MOVEit Transfer managed file transfer (MFT) solution abused by the Clop ransomware gang in data theft attacks.
DataBreaches
Ie: HSE patients startled to get alerts about personal info stolen by hackers
Reminder: If you are first sending out data breach notification letters two years after the breach, you might want a public announcement or media campaign to...
The Record
British government minister told council to keep quiet after ransomware attack
An unnamed British government minister told the leader of Redcar and Cleveland Borough Council to keep quiet about the impact of a “catastrophic” ransomware attack two years ago, a parliamentary committee was told on Monday.
Infosecurity News
LockBit Hands Ransomware Decryptor to Kids' Hospital
Group apologizes to Toronto-based SickKids
Bleeping Computer
Ransomware gang apologizes, gives SickKids hospital free decryptor
The LockBit ransomware gang has released a free decryptor for the Hospital for Sick Children (SickKids), saying one of its members violated rules by attacking the healthcare organization.
DataBreaches
Cost of HSE cyberattack by Conti rises to €80m, letter shows
Jennifer Bray reports: The cost of the cyberattack on the Health Service Executive has risen to €80 million, according to new information. In a letter to...
Infosecurity News
HSE Cyber-Attack Costs Ireland $83m So Far
A total of roughly 100,000 people had their personal data stolen during the cyber-attack
ZDNet
The real cost of ransomware is even bigger than we realised
Ransomware attacks are often talked about in terms of the financial cost. But in reality, these incidents can have a much bigger impact.
DataBreaches
HSE cyberattack: More than 100,000 people whose personal data stolen to be contacted
Jack Horgan-Jones reports: More than 100,000 people who had their personal data stolen during the HSE cyberattack last year will begin being contacted by the...
DataBreaches
HSE hack victims who had personal information stolen have not been told they were targets
Ferghal Blaney reports: Hacking victims who had their personal information stolen during the HSE ransomware attack last year have not been told they were...
CyberNews
US unmasks Conti suspect for first time | Cybernews
If you know anything about the malicious hackers Target, Reshaev, Professor, Tramp, and Dandis, come forward.
Bleeping Computer
US govt will pay you $10 million for info on Conti ransomware members
The U.S. State Department announced a $10 million reward today for information on five high-ranking Conti ransomware members, including showing the face of one of the members for the first time.
CyberNews
Conti, the notorious ransomware group, proclaimed dead | CyberNews
The official website for Conti ransomware was shut down, signaling that the notorious group is disbanding.
Bleeping Computer
Conti ransomware shuts down operation, rebrands into smaller units
The notorious Conti ransomware gang has officially shut down their operation, with infrastructure taken offline and team leaders told that the brand is no more.
Security Affairs
New Nerbian RAT spreads via malspam campaigns using COVID-19
Researchers spotted a new remote access trojan, named Nerbian RAT, which implements sophisticated evasion and anti-analysis techniques. Researchers from Proofpoint discovered a new remote access trojan called Nerbian RAT that implements sophisticated anti-analysis and anti-reversing capabilities. The malware spreads via malspam campaigns using COVID-19 and World Health Organization (WHO) themes. The name of the RAT […]
CyberNews
Costa Rica declares a state of emergency over Conti cyberattack | CyberNews
President Rodrigo Chaves signed the decree on a national cybersecurity emergency on his first day in office.
Bleeping Computer
Costa Rica declares national emergency after Conti ransomware attacks
The Costa Rican President Rodrigo Chaves has declared a national emergency following cyber attacks from Conti ransomware group. BleepingComputer also observed Conti published most of the 672 GB dump that appears to contain data belonging to the Costa Rican government agencies.
CyberNews
US chasing 'costliest strain of ransomware ever seen' | CyberNews
The Department of State offers a reward of up to $15 million for information on the Russia-based Conti ransomware gang.
Bleeping Computer
US offers $15 million reward for info on Conti ransomware gang
The US Department of State is offering up to $15 million for information that helps identify and locate leadership and co-conspirators of the infamous Conti ransomware gang.
Bleeping Computer
US offers $15 million reward for info on the Conti ransomware gang
The US Department of State is offering up to $15 million for information that helps identify and locate leadership and co-conspirators of the infamous Conti ransomware gang.
CyberNews
Conti claims responsibility for an attack on wind turbine giant Nordex | CyberNews
While the claim is not yet verified, the group put Nordex's name on its leak site.
Bleeping Computer
Snap-on discloses data breach claimed by Conti ransomware gang
American automotive tools manufacturer Snap-on announced a data breach exposing associate and franchisee data after the Conti ransomware gang began leaking the company's data in March.
ZDNet
New Conti ransomware source code leaked | ZDNet
The individual responsible is targeting Conti after the group announced its loyalty to Russia during the invasion of Ukraine.
CyberNews
Conti's ransomware spree: victim toll rises to 1,000 | CyberNews
Conti is still at large despite speculation that the leaked group's internal data might mean the end of this infamous ransomware gang associated with Russia.
CyberNews
Conti leaks: pro-Ukrainian member exposed more gang’s chats and Trickbot’s source code | CyberNews
Ransomware group Conti, which recently announced its allegiance with Vladimir Putin, is paying a high price for siding with Russia.
Infosecurity News
Massive Ransomware Attack Could Cost Irish Health Exec €100m
Costs have already topped €40m
ZDNet
Cost of Conti ransomware attack on Irish healthcare system may reach over $100 million | ZDNet
Ireland has already spent more than $48 million to recover from a devastating ransomware attack.
DataBreaches
Ie: Mother seeking compensation from HSE over data breach involving report into treatment of toddler at hospital
Independent.ie reports: A report compiled by the HSE in response to a complaint about the treatment given to a 19-month-old patient found its way into the...
Bleeping Computer
The Week in Ransomware - February 4th 2022 - Critical Infrastructure
Critical infrastructure suffered ransomware attacks, with threat actors targeting an oil petrol distributor and oil terminals in major ports in different attacks.
Bleeping Computer
HHS: Conti ransomware encrypted 80% of Ireland's HSE IT systems
A threat brief published by the US Department of Health and Human Services (HHS) on Thursday paints a grim picture of how Ireland's health service, the HSE, was overwhelmed and had 80% of its systems encrypted during last year's Conti ransomware attack.
DataBreaches
HHS: Lessons learned from the HSE cyberattack
HHS Cybersecurity Program has released a new threat brief on lessons learned from the HSE cyberattack. DataBreaches.net covered the incident and aftermath in...
Bleeping Computer
KP Snacks giant hit by Conti ransomware, deliveries disrupted
KP Snacks, a major producer of popular British snacks has been hit by the Conti ransomware group affecting distribution to leading supermarkets.
Bleeping Computer
Taiwanese Apple and Tesla contractor hit by Conti ransomware
Delta Electronics, a Taiwanese electronics company and a provider for Apple, Tesla, HP, and Dell, disclosed that it was the victim of a cyberattack discovered on Friday morning.
Bleeping Computer
Indonesia's central bank confirms ransomware attack, Conti leaks data
Bank Indonesia (BI), the central bank of the Republic of Indonesia, has confirmed today that a ransomware attack hit its networks last month.
Bleeping Computer
Shutterfly services disrupted by Conti ransomware attack
Photography and personalized photo giant Shutterfly has suffered a Conti ransomware attack that allegedly encrypted thousands of devices and stole corporate data.
DataBreaches
HSE given stolen data, including medical records, taken by criminals during cyber attack in May
Eilish O’Regan reports: The HSE has been given stolen data, including medical records, obtained by criminals during the May cyber attack, it emerged...
DataBreaches
Ie: Ransomware cyberattack hits Coombe hospital, IT services locked down as precaution
Eoghan Moloney and Eilish O’Regan report: The Coombe Hospital has been the subject of a ransomware cyberattack overnight, the hospital has confirmed. The...
DataBreaches
Ie: Hackers accessed HSE system eight weeks before cyber attack
Dyane Connor reports: The cyber attackers who hacked the Health Service Executive’s IT system, had accessed the system eight weeks before it detonated...
Bleeping Computer
Nordic Choice Hotels hit by Conti ransomware, no ransom demand yet
Nordic Choice Hotels has now confirmed a cyber attack on its systems from the Conti ransomware group. Although there is no indication of card or payment information being affected, information pertaining to guest bookings was potentially leaked.
Bleeping Computer
Sandhills online machinery markets shut down by ransomware attack
Industry publication giant Sandhills Global has suffered a ransomware attack, causing hosted websites to become inaccessible and disrupting their business operations.
Bleeping Computer
JVCKenwood hit by Conti ransomware claiming theft of 1.5TB data
JVCKenwood has suffered a Conti ransomware attack where the threat actors claim to have stolen 1.7 TB of data and are demanding a $7 million ransom.
Bleeping Computer
FBI, CISA, and NSA warn of escalating Conti ransomware attacks
CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) warned today of an increased number of Conti ransomware attacks targeting US organizations.
DataBreaches
Getting caught up: Conti domains seized by Irish Garda
A story by Stephen Breen inThe Irish Sun yesterday included reference to an update on the HSE attack by Conti: Earlier this month, cops seized several websites...
Bleeping Computer
Ragnarok ransomware releases master decryptor after shutdown
Ragnarok ransomware gang appears to have called it quits and released the master key that can decrypt files locked with their malware.
Bleeping Computer
Nokia subsidiary discloses data breach after Conti ransomware attack
SAC Wireless, a US-based and independently-operating Nokia company subsidiary, has disclosed a data breach following a ransomware attack where Conti operators were able to successfully breach its network, steal data, and encrypt systems.
DataBreaches
Ie: Patient medical records found in a pub and carpark
Irish Examiner reports: Patients’ medical records from Letterkenny University Hospital (LUH) were found in a pub and in a carpark by members of the public in...
DataBreaches
Cancer patient to sue Cork’s Mercy Hospital over HSE ransomware incident
Sean O’Riordan and Shauna Bowers report: One of the first legal cases over the release of sensitive medical information on the dark web as part of the...
DataBreaches
Ie: Delayed cancer diagnoses fears over HSE cyberattack backlog
Niamh Griffin reports: Two months on from the cyberattack on the HSE and the consequences for patients are only starting to emerge, health professionals have...
Bleeping Computer
VirusTotal ordered to reveal private info of stolen HSE data downloaders
An Irish court has ordered VirusTotal to provide the information of subscribers who downloaded or uploaded confidential data stolen from Ireland's national health care service during a ransomware attack.
DataBreaches
HSE seeks order to help find who uploaded or downloaded files stolen in cyberattack
Ann O’Loughlin reports: Over 20 people either uploaded or downloaded confidential information stolen in last month’s cyberattack on the HSE onto a web...
Bleeping Computer
Fujifilm confirms ransomware attack disrupted business operations
Today, Japanese multinational conglomerate Fujifilm officially confirmed that they had suffered a ransomware attack earlier this week that disrupted business operations.
Bleeping Computer
FBI: REvil cybergang behind the JBS ransomware attack
The Federal Bureau of Investigations has officially stated that the REvil operation, aka Sodinokibi, is behind the ransomware attack targeting JBS, the world's largest meat producer.
Bleeping Computer
Swedish Health Agency shuts down SmiNet after hacking attempts
The Swedish Public Health Agency (Folkhälsomyndigheten) has shut down SmiNet, the country's infectious diseases database, on Thursday after it was targeted in several hacking attempts.
Bleeping Computer
Ransomware gangs' slow decryptors prompt victims to seek alternatives
Recently, two highly publicized ransomware victims received a decryptor that was too slow to make it effective in quickly restoring the victim's network.
DataBreaches
Mercy University Hospital secures court injunction against ransomware hackers
Aodhan O’Faolain reports: A Cork-based hospital has secured injunctions from the High Court restraining any sharing, processing, selling or publishing of...
Bleeping Computer
The Week in Ransomware - May 21st 2021 - Healthcare under attack
This week's ransomware news has been dominated by the attack on Ireland's Health Service Executive (HSE) that has severely disrupted Ireland's healthcare system.
Bleeping Computer
FBI: Conti ransomware attacked 16 US healthcare, first responder orgs
The Federal Bureau of Investigation (FBI) says the Conti ransomware gang has attempted to breach the networks of over a dozen US healthcare and first responder organizations.
Bleeping Computer
Irish High Court issues injunction to prevent HSE data leak
The High Court of Ireland has issued an injunction against the Conti Ransomware gang, demanding that stolen HSE data be returned and not sold or published.
DataBreaches
HSE hack: High Court grants orders barring use of stolen data
Mary Carolan reports: All of the HSE’s data “is potentially compromised” following a massive cyberattack, its chief executive, Paul Reid, has told the...
Bleeping Computer
Conti ransomware gives HSE Ireland free decryptor, still selling data
The Conti ransomware gang has released a free decryptor for Ireland's health service, the HSE, but warns that they will still sell or release the stolen data.
DataBreaches
Cyber attack has caused ‘enormous risk’ – HSE official
RTÉ reports: The Health Service Executive’s National Clinical Adviser for Acute Operations has said there is an “enormous risk” across...
DataBreaches
Irish patients’ data stolen by hackers shows up in negotiation chat
Laura Noonan in Dublin and James Shotter in Warsaw report: Medical and personal information about Irish patients stolen by hackers last week is now being...
Bleeping Computer
Conti ransomware also targeted Ireland's Department of Health
The Conti ransomware gang failed to encrypt the systems of Ireland's Department of Health (DoH) despite breaching its network and dropping Cobalt Strike beacons to deploy their malware across the network.
Bleeping Computer
Ireland's Health Services hit with $20 million ransomware demand
Ireland's health service, the HSE, says they are refusing to pay a $20 million ransom demand to the Conti ransomware gang after the hackers encrypted computers and disrupted health care in the country.
DataBreaches
Ie: Cyberattack on HSE: Scale of damage from Conti’s ransomware attack will not be known for days
Jack Horgan-Jones and Conor Lally report: It will be at least three days before the scale of the damage from “possibly the most significant cyber crime...
Bleeping Computer
The Week in Ransomware - May 14th 2021 - One down, many more to go
Ransomware took the media spotlight this week after a ransomware gang known as DarkSide targeted critical infrastructure in the USA.
DataBreaches
Ie: HSE shuts down IT system after ‘significant’ cyber attack
RTE reports: The Health Service Executive has temporarily shut down its IT system following what it described as a “significant ransomware attack”...
Bleeping Computer
Irish healthcare shuts down IT systems after Conti ransomware attack
Ireland's Health Service Executive(HSE), the country's publicly funded healthcare system, has shut down all IT systems after its network was breached in a ransomware attack.