Sheriff’s office pays a US$1 million ransom, an American health records provider is hacked, and more.
Welcome to Cyber Security Today. It’s Monday, May 8th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.
Over 1 million American residents are being told their personal information was stolen after the hack of a medical provider. NextGen Healthcare, which sells electronic health record software to doctors and medical billing firms, says someone accessed data with patients’ names, dates of birth, addresses and Social Security numbers between March 29th and April 14th. A copy of the letter being sent to victims was filed last week with the state of Maine. The breach occurred because someone outside of NextGen got hold of a customer’s username and password.
A California law enforcement agency has paid just over US$1 million to a ransomware gang after it was hit early last month. The Los Angeles Times reports the San Bernardino County Sheriff’s Department and its insurance carrier split the cost so the department could get access back to its data. The department had to shut its email, in-car computers and a system deputies use for background checks.
A new ransomware gang has appeared. According to the Bleeping Computer news site, it’s called Akira. It began operations in March and claims to have already hit 16 organizations. Data on four of those victims has already been published on the gang’s data leak site.
Last week I told you about a ransomware attack on Bluefield University, a private Baptist university in Virginia. On Sunday DataBreaches.net reported that the AvosLocker gang has started to post samples of stolen student files on its data leak site. They did this as a way to pressure the institution to pay up. An affiliate of the gang told the news site that Bluefield hasn’t responded to their messages. The affiliate also maintains the gang still has access to the university’s IT network.
Murfreesboro Medical Clinic in Tennessee is still recovering from a cyber attack. Phone lines are back up, but the walk-in clinics, laboratory and radiology services were closed on the weekend. Staff were contacting patients over the weekend to confirm appointments and surgeries for today.
Twitter has admitted that a ‘security incident’ has allowed supposedly private tweets among those using the limited access Twitter Circle capability to be seen by general Twitter users. The incident happened last month. Twitter hasn’t given details on what happened.
Pro-Russian hackers claim to have temporarily taken down the website of France’s Senate. The attack is allegedly because of France’s support for Ukraine. Called NoName, it’s the same group that took credit for disrupting the website of Canadian Prime Minister Justin Trudeau last month.
Finally, there’s news of two security updates: Fortinet has issued upgrades to its FortiADC application delivery controller. These close what the company describes as high-severity vulnerabilities. And Siemens has issued patches for two models of its Sicam products used by energy producers.
That’s it for now. Remember links to details about podcast stories are in the text version at ITWorldCanada.com. That’s where you’ll also find other stories of mine.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.