A new ransomware gang, Termite, has started leaking on the dark web samples of sensitive data stolen in an attack on Australian fertility clinic Genea. A court has issued a restraining order in hopes of preventing the threat actor or others from further disseminating, using or publishing the data.
DISA Global Solutions, a third-party administrator of background checks and drug and alcohol testing for employers in multiple industries, said 3.3 million individuals are affected by a data theft incident that happened a year ago. The firm is already facing several lawsuits involving the breach.
A proposed state privacy law awaiting the signature of New York State's governor promises to make the processing of and sale of health information by a wide array of organizations much more complicated and restrictive, said regulatory attorney Angie Matney, who explains why.
It's been one year since hackers attacked IT services provider Change Healthcare, quickly shutting down critical processes for thousands of healthcare entities, triggering a data breach affecting 190 million people. So what top lessons are emerging from that massive disruption and data compromise?
This week: Microsoft, Ivanti and Google release fixes for critical vulnerabilities and urge priority patching; Lee Enterprises confirms a cyberattack disrupted newspaper operations; and thousands of KerioControl Firewalls exposed to critical remote code execution flaws.
Conventional research on the cost of a data breach has vastly underestimated the true cost, doing a grave disservice to security practitioners, risk managers, insurance actuaries, corporate boards, and global regulators trying to make informed decisions about how to mitigate this pressing risk.
Download the full...
A rural Georgia hospital and its nursing home are among several other regional healthcare entities notifying tens of thousands of patients that their information was compromised in recent hacks. Ransomware gang Embargo claims to have published 1.15 terabytes of stolen data in one of those incidents.
A Midwest chain of doctor practices and 13 Catholic hospitals has reported that a 2023 hacking incident that disrupted its IT system for several days and may have compromised the sensitive data of nearly 900,000 people. The group is also facing an assortment of data privacy lawsuits.
Zero days. Supply chain attacks. APIs and cloud environments as growing threat vectors. These are among the topics discussed in this seventh annual Modern Bank Heists report, and author Tom Kellermann discusses their impact on financial institutions - and which defensive gaps need to be filled now.
This week: A hacker claims to have 20 million OpenAI logins, Sweden clears ship in Baltic cable damage, researchers find ways to bypass GitHub Copilot's protections, Netgear patches router flaws, undetectable Mac backdoor raises alarms, Spain nabs hacker, and Deloitte pays $5M for RIBridges breach.
Ransomware may still be raking in massive cryptocurrency profits for practitioners, but 2024 turned out to be less of a banner year than predicted, with blockchain researchers reporting that the sum total of known ransom payments to ransomware groups in 2024 plummeted by 35%.
Three healthcare entities - including a California hospital and outpatient care provider, an Alabama cardiology practice, and a Colorado community health system, are notifying a total of more than 1.2 million individuals that their sensitive information was compromised in 2024 hacks.
Community Health Center, which has a dozen primary care, dental and other clinics in Connecticut, is notifying nearly 1.1 million people - including pediatric patients and their parents and guardians - that their information was potentially stolen in a cyberattack detected earlier this month.
In this week's update, ISMG editors discussed two major stories shaking the tech and cybersecurity worlds - China's AI leap with DeepSeek, a new open-source bot that wiped $600 billion off of Nvidia's value, and an update on the massive UnitedHealth breach, which now affects 190 million people.
A Pittsburgh-based healthcare system and its Massachusetts-based IT services firm are facing at least seven proposed federal class action lawsuits involving a data theft - reported on Jan. 17 - affecting about 293,000 people. The hack is the latest major breach involving a business associate.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
