A May ransomware attack on Ascension, a U.S. healthcare giant with more than 140 hospitals and dozens of senior living facilities, allowed hackers to steal personal and sensitive health information on 5.6 million patients, according to a new filing with Maine’s attorney general.
The cyberattack caused widespread disruption across its hospital system, with some staff describing harrowing lapses in healthcare as a result, including delayed or lost lab results, and medication errors. The Black Basta gang was blamed for the attack, which saw the group steal patients’ medical information, like dates of service, lab tests, and procedure codes; payment information, such as credit card and bank account numbers.
Read more…
Source: TechCrunch News
Related:
- Scattered Spider hackers are targeting US critical infrastructure via VMware attacks
July 28, 2025
The infamous ScatteredSpider ransomware group is using VMware instances to target critical infrastructure organizations in the US, researchers have warned. In the campaign, the hackers do not exploit any vulnerabilities, but instead go for “aggressive, creative, and particularly skilled” social engineering. They first reach out to their victim’s IT desk, impersonating an employee, and asking for ...
- NASCAR confirms user data breach following Medusa ransomware attack
July 28, 2025
NASCAR has confirmed it suffered a cyberattack and a data breach in April 2025 which saw personal information of racing fans allegedly stolen. The organization filed data breach reports with attorneys general in multiple US states, describing what had happened, and how it responded, noting the attack started on March 31, 2025, and was spotted – ...
- Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack
July 26, 2025
U.S. insurance giant Allianz Life has confirmed to TechCrunch that hackers stole the personal information of the “majority” of its customers, financial professionals, and employees during a mid-July data breach. When reached by TechCrunch, Allianz Life spokesperson Brett Weinberg confirmed the breach. “On July 16, 2025, a malicious threat actor gained access to a third-party, cloud-based ...
- Digital Compliance Alert: UK Online Safety Act and EU Digital Services Act Cross-Border Impact Analysis
July 26, 2025
As of July 25, 2025, all sites and apps that allow pornography will need to have strong age checks in place, to make sure children can’t access that or other harmful content. This represents the most significant change to how adults access online content in the UK since the internet’s mainstream adoption. Gone are the days ...
- FBI: North Korean IT Worker Threats to U.S. Businesses
July 23, 2025
The Federal Bureau of Investigation (FBI) is providing an update to previously shared guidance regarding Democratic People’s Republic of Korea (North Korea) Information Technology (IT) workers to raise public awareness of the threat posed to U.S. businesses. North Korea is evading U.S. and U.N. sanctions by targeting private companies to illicitly generate substantial revenue for the ...
- #StopRansomware: Interlock
July 22, 2025
Since September 2024, Interlock ransomware actors have impacted a wide range of businesses and critical infrastructure sectors in North America and Europe. These actors are opportunistic and financially motivated in nature and employ tactics to infiltrate and disrupt the victim’s ability to provide their essential services. Interlock actors leverage a double extortion model, in which they ...