A May ransomware attack on Ascension, a U.S. healthcare giant with more than 140 hospitals and dozens of senior living facilities, allowed hackers to steal personal and sensitive health information on 5.6 million patients, according to a new filing with Maine’s attorney general.
The cyberattack caused widespread disruption across its hospital system, with some staff describing harrowing lapses in healthcare as a result, including delayed or lost lab results, and medication errors. The Black Basta gang was blamed for the attack, which saw the group steal patients’ medical information, like dates of service, lab tests, and procedure codes; payment information, such as credit card and bank account numbers.
Read more…
Source: TechCrunch News
Related:
- GM credential stuffing attack exposed car owners’ personal info
May 24, 2022
US car manufacturer GM disclosed that it was the victim of a credential stuffing attack last month that exposed some customers’ information and allowed hackers to redeem rewards points for gift cards. General Motors operates an online platform to help owners of Chevrolet, Buick, GMC, and Cadillac vehicles manage their bills, services, and redeem rewards points. Car ...
- Ransomware attack exposes data of 500,000 Chicago students
May 21, 2022
The Chicago Public Schools has suffered a massive data breach that exposed the data of almost 500,000 students and 60,000 employee after their vendor, Battelle for Kids, suffered a ransomware attack in December. Ohio-based Battelle for Kids is a not-for-profit educational organization that analyzes student data shared by public school systems to design instructional models and ...
- US Justice Department won’t prosecute white-hat hackers under the CFAA
May 19, 2022
Good-faith security researchers no longer have to worry about being prosecuted under the Computer Fraud and Abuse Act (CFAA), the US Justice Department said on Thursday. The federal agency released a new memo, which for the first time clarifies that the 1986 law shouldn’t be used to target white-hat hackers. “The department has never been interested ...
- FBI: Cyber Actors Scrape Credit Card Data from US Business’ Online Checkout Page and Maintain Persistence by Injecting Malicious PHP Code
May 16, 2022
As of January 2022, unidentified cyber actors unlawfully scraped credit card data from a US business by injecting malicious PHP Hypertext Preprocessor (PHP) code into the business’ online checkout page and sending the scraped data to an actor-controlled server that spoofed a legitimate card processing server. The unidentified cyber actors also established backdoor access to the ...
- Iran-linked Cobalt Mirage extracts money, info from US orgs – report
May 13, 2022
The Iran-linked Cobalt Mirage crew is running attacks against America for both financial gain and for cyber-espionage purposes, according to Secureworks’ threat intelligence team. The cybercriminal gang has been around since June 2020, and its most recent activities have been put into two categories. One, using ransomware to extort money, as illustrated by a strike in ...
- Ukrainian crook jailed in US for selling thousands of stolen login credentials
May 13, 2022
A Ukrainian man has been sentenced to four years in a US federal prison for selling on a dark-web marketplace stolen login credentials for more than 6,700 compromised servers. Glib Oleksandr Ivanov-Tolpintsev, 28, was arrested by Polish authorities in Korczowa, Poland, on October 3, 2020, and extradited to America. He pleaded guilty on February 22, and ...