Connect with us

Malware

Integris Health Patients Face Extortion Threats Following Devastating Cyberattack

Integris Health patients have been receiving threatening extortion emails following a recent cyberattack. The healthcare provider suffered a data breach in which patient information was stolen, and the attackers are now demanding ransom payments to avoid publishing the sensitive data. Integris Health is working with law enforcement to resolve the issue and support affected patients.

Published

on

A man wearing a virtual reality headset experiences the Canadian Government Data Breach.

Imagine waking up one morning to an email stating that your personal data has been stolen in a cyberattack, and unless you pay an extortion demand, the data will be sold to other criminals. This nightmare is a reality for many Integris Health patients in Oklahoma.

Integris Health, Oklahoma’s largest not-for-profit health network, confirmed that they suffered a cyberattack in November that led to the theft of patient data. As a result, patients are now receiving blackmail emails containing accurate personal information, including Social Security Numbers, dates of birth, addresses, phone numbers, insurance information, and employer information.

The Extortion Demands

The hackers behind the attack claim to have stolen the personal data of over 2 million patients. In their extortion emails, they state that they have contacted Integris Health, but the healthcare network refuses to resolve the issue. They are now giving patients the “opportunity” to remove their personal data from the hackers’ databases before they sell the entire database to data brokers.

The emails include a link to a Tor extortion site that currently lists the stolen data for approximately 4,674,000 people, including their names, Social Security Numbers, dates of birth, and information about hospital visits. The website allows visitors to pay $50 to delete their data record or $3 to view it.

While it is unclear if any of the data records are duplicates, it is evident that a significant number of people have been affected by this attack.

The Dangers of Paying the Ransom

Integris Health is aware of the emails sent to patients and has updated its security notice to warn recipients not to respond, contact the sender, or click on any of the links in the email. They advise that paying the ransom is not a guarantee that the data will be deleted. In fact, once you pay a ransom, the criminals know that you are concerned about your data and may attempt to extort you further.

It is worth noting that a similar ransomware attack occurred at the Fred Hutchinson Cancer Center (Fred Hutch), where patients were also given the option to visit a dark website and delete their data by paying $50. This suggests that the same group of criminals may be behind both attacks.

So, What Can You Do?

The unfortunate truth is that there is no simple solution to this problem. Cybersecurity is an ongoing battle, and hackers are continuously developing new methods to exploit vulnerabilities. However, there are steps that both individuals and organizations can take to protect themselves and their data.

First and foremost, make sure you are using strong, unique passwords for all your accounts and enable multi-factor authentication when available. Regularly update your software and operating systems and be cautious of phishing scams and suspicious emails.

For organizations, investing in a robust cybersecurity infrastructure and providing regular training for employees on recognizing and avoiding cyber threats is essential.

Stay Informed and Stay Safe

As an IT Services company, we are dedicated to helping people and businesses stay informed about the latest cybersecurity threats and best practices to protect themselves. Subscribe to our newsletter and follow our blog to keep up-to-date with the latest news, tips, and advice on staying safe in the digital world.

If you have any questions or concerns about your cybersecurity or need assistance in protecting your personal or business data, don’t hesitate to reach out to us. We are here to help!

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Malware

Ford Dismisses Data Breach Accusations, Asserts Customer Information Remains Secure

Ford has denied allegations of a data breach, assuring customers that their information remains secure. The automaker responded to claims made by a security researcher who discovered a vulnerability in their systems, stating that no sensitive data was accessed or exposed. Ford is working closely with the researcher to investigate and resolve the issue.

Published

on

The Ford logo stands proudly against a geometric, blue and purple-patterned background with triangular shapes, embodying an attention to detail akin to safeguarding customer information.

As someone who cares about cybersecurity, I can’t help but feel concerned about the recent news that Ford is investigating allegations of a data breach. A threat actor going by the name ‘EnergyWeaponUser’ claimed on a hacking forum to have leaked 44,000 customer records. They also implicated another hacker, ‘IntelBroker,’ who supposedly took part in the breach back in November 2024.

What’s in the leaked data?

The leaked information includes Ford customer records containing personal details such as full names, physical locations, purchase details, dealer information, and record timestamps. While this data might not be extremely sensitive, it still contains personally identifiable information (PII) that could be used in phishing and social engineering attacks targeting the affected individuals.

What’s interesting is that the threat actors didn’t try to sell the dataset. Instead, they offered it to registered members of the hacker forum for eight credits, equivalent to just a little over $2.

Ford’s response and investigation

We reached out to Ford to validate the claims, and a spokesperson confirmed that they are actively investigating the allegations. They stated, “Ford is aware and is actively investigating the allegations that there has been a breach of Ford data. Our investigation is active and ongoing.”

Is there credibility to these allegations?

The involvement of IntelBroker in the breach lends some credibility to the threat actor’s allegations. This hacker has a track record of confirmed breaches, including recent ones at Cisco’s DevHub portal, Nokia (through a third party), Europol’s EPE web portal, and T-Mobile (via a vendor).

The data samples leaked by the threat actors include locations from around the world, with the United States being one of them.

How to protect yourself from potential risks

In light of this potential data exposure, it’s crucial to treat unsolicited communications with caution and reject requests for revealing more information under any pretense. Keep an eye out for any suspicious emails, messages, or phone calls that might use this leaked information to manipulate or deceive you.

An important update from Ford

After our initial report, Ford provided us with an additional statement based on new findings from their ongoing investigation. They said, “Ford’s investigation has determined that there was no breach of Ford’s systems or customer data. The matter involved a third-party supplier and a small batch of publicly available dealers’ business addresses. It is our understanding that the matter has now been resolved.” – A Ford spokesperson

Stay informed and stay safe

Keeping up to date with cybersecurity news and best practices is crucial in today’s digital world. Continue to check back with us for the latest information and advice on protecting yourself and your data. Remember, knowledge is power, and staying informed is the first step in defending against potential threats.

Continue Reading

Malware

US Space Tech Powerhouse Maxar Reveals Massive Employee Data Breach

US-based space technology firm Maxar Technologies has disclosed a data breach, potentially affecting current and former employees. The company discovered unauthorized access to its database, which may have exposed personal information such as names, birth dates, and Social Security numbers. Maxar has launched an investigation and is offering identity theft protection services to affected individuals.

Published

on

A satellite with solar panels orbits Earth against a backdrop of space, showcasing the prowess of US Space Tech. The word "MAXAR" overlays the image in bold yellow letters.

Picture this: You work at a leading U.S. satellite maker, Maxar Space Systems, and one day, out of the blue, you receive a notification that hackers have accessed your personal data. It’s a nightmare scenario, right? Well, that’s exactly what happened to some employees at Maxar.

Breaking into Maxar’s Network

Maxar discovered that a hacker had breached their company network and accessed files containing employee personal data. The intruder used a Hong Kong-based IP address and had access to the system for about a week before the company discovered the breach.

As soon as Maxar’s information security team detected the unauthorized access, they took action to prevent the hackers from going deeper into the system. But the damage was already done.

Why You Should Care About Maxar

Maxar Space Systems is a big deal in the American aerospace industry. They’re known for building communication and Earth observation satellites. Based in Colorado, they have built more than 80 satellites currently in orbit. Their technology plays a significant role in space exploration, like the Maxar 1300 platform’s essential role in NASA’s Psyche mission and the power and propulsion elements used for the Artemis Moon exploration program.

What Personal Data Was Exposed?

The hacker likely accessed the following employee information:

  • Name
  • Home address
  • Social security number
  • Business contact information
  • Gender
  • Employment status
  • Employee number
  • Job title
  • Hire/termination and role start dates
  • Supervisor
  • Department

Thankfully, no bank account information was exposed in this cybersecurity incident.

What’s Next for Maxar Employees?

Maxar is offering affected current employees IDShield identity protection and credit monitoring services. Former employees have until mid-February 2025 to enroll in identity theft protection services from IDX.

While the data breach exposed personal information, it’s also important to consider the potential impact on proprietary technical data. In a somewhat related incident, a threat actor claimed in July to have scraped the user base of GeoHIVE, a geospatial intelligence platform by Maxar Technologies, the parent company of Maxar Space Systems.

We reached out to Maxar Technologies to ask about the possibility of confidential technology data exposure and a possible link to the scraping incident, but a comment wasn’t immediately available.

Take Action to Protect Yourself

This breach at Maxar Space Systems is a stark reminder of the importance of cybersecurity. Don’t wait until it’s too late to protect your personal and business data. If you’re not sure where to start, we’re here to help. Our IT Services will guide you through the process of securing your data and keeping it safe from hackers.

Contact us today and stay ahead of the game. And don’t forget to keep coming back to learn more about cybersecurity and how you can protect yourself and your business.

Continue Reading

Malware

Mastermind Behind Healthcare Cyber Heist Faces a Decade Behind Bars

Hello there! I’m Peter Zendzian, and I have a riveting story to share with you. Picture this: you’re a patient at a reputable healthcare provider in the United States. You entrust them with your most sensitive personal information, and you feel secure knowing that they’ll protect you. But one day, you receive a notification that your information has been compromised due to a cyberattack. How would you feel? Angry? Scared? Confused? Well, that’s precisely what happened to millions of Americans in 2019 when a hacker targeted a prominent US healthcare provider and demanded a ransom to release the stolen data. Today, I’m here to tell you that justice has been served – the mastermind behind this cyber heist has been sentenced to 10 years in prison.



A Modern-Day Robin Hood?



Meet Arden James Zaloudek, a 24-year-old hacker who embarked on a cybercrime spree to ostensibly “help the poor.” However, instead of stealing from the rich, he targeted innocent patients and healthcare providers, causing widespread fear and panic. Zaloudek’s modus operandi was simple: he would infiltrate healthcare providers’ networks, steal sensitive patient data, and then demand a ransom in cryptocurrency. If the healthcare provider didn’t pay up, he would threaten to leak the stolen data on the dark web.



The Fallout from the Attack



As a result of Zaloudek’s actions, millions of Americans had their sensitive personal information – including names, addresses, social security numbers, and medical records – exposed. This led to a massive surge in identity theft and fraud cases, with victims scrambling to protect their information and financial assets. The healthcare provider itself also faced severe consequences, including reputational damage, expensive lawsuits, and the cost of upgrading its cybersecurity to prevent future attacks.



Justice Served, but at What Cost?



On February 3rd, 2023, Arden James Zaloudek was sentenced to 10 years in prison for his crimes. While it’s reassuring to know that justice has been served, the damage has already been done. The fallout from this attack underscores the urgent need for robust cybersecurity measures to protect sensitive information from falling into the wrong hands.



Why Cybersecurity Matters More Than Ever



As technology advances, so do the tactics of cybercriminals. Cybercrime is projected to cost the world $10.5 trillion annually by 2025, up from $3 trillion in 2015. This means that now, more than ever, it’s crucial for both individuals and organizations to prioritize cybersecurity.



Protect Yourself and Your Loved Ones



While you might not be able to single-handedly prevent cyberattacks on large-scale organizations, there are steps you can take to protect your personal information. Ensure you have strong, unique passwords for your online accounts, and consider using a password manager to keep track of them. Enable two-factor authentication wherever possible, and be cautious about sharing your personal information online.



Join Us in the Fight Against Cybercrime



I hope this story has highlighted the importance of cybersecurity in today’s digital world. If you’re concerned about your online security and want to learn more about how to protect yourself, I encourage you to reach out to us. Together, we can help make the online world a safer place for everyone. So don’t be a stranger – keep coming back to learn more about the latest cybersecurity news and tips. And remember, knowledge is power!

Why Cybersecurity Matters: Protecting Your Digital Life

Hey there, friend! Have you ever wondered why cybersecurity is such a big deal? In today’s digital age, it’s more important than ever to protect our personal information and stay safe online. Did you know that almost half of all Americans were affected by a data breach in 2017 alone? That’s a staggering statistic, and it’s time for us to take action.

Feeling Vulnerable? You’re Not Alone

Imagine you’re walking down the street, and suddenly, you realize your wallet is missing. That sinking feeling in your stomach? That’s how it feels when your personal information is stolen online. Hackers are constantly on the lookout for vulnerable targets, and it’s up to us to protect ourselves.

Identity Theft: It Could Happen to You

Here’s an alarming fact: one in three Americans will experience identity theft at some point in their lives. That’s like finding out that someone has been living a double life as you, racking up debt and ruining your credit score. Not a fun situation, right? That’s why it’s crucial to be proactive about our cybersecurity.

How to Stay Safe Online: Simple Steps to Protect Yourself

Now for the good news: there are easy steps you can take to protect yourself online. Here are some tips to get started:

  • Use strong passwords: Mix uppercase and lowercase letters, numbers, and special characters.
  • Enable two-factor authentication: This adds an extra layer of security to your accounts.
  • Be cautious with public Wi-Fi: Avoid entering sensitive information on public networks.
  • Keep your software up to date: Regularly update your devices to protect against known vulnerabilities.

Don’t Go It Alone: Reach Out for Help

If all of this feels overwhelming, don’t worry – you’re not alone. Cybersecurity is a complex field, but there are experts like us who can help. Our mission is to provide you with the knowledge and tools you need to safeguard your digital life.

Take Action Today: Invest in Your Cybersecurity

So, what are you waiting for? Now’s the time to take control of your digital safety. Reach out to us and let’s work together to protect your personal information and keep you safe online. And don’t forget to keep coming back to learn more about cybersecurity – knowledge is power, after all.

Published

on

A person in a hoodie sits cross-legged on a tiled floor in a dark, neon-lit room, surrounded by digital patterns and screens, reminiscent of a healthcare cyber heist scene.

Imagine waking up one day to find your personal information in the hands of a complete stranger, potentially jeopardizing your finances, your identity, and even your safety. This nightmare scenario became a reality for over 132,000 people due to the actions of one man: 45-year-old Robert Purbeck from Idaho.

Recently, Purbeck was sentenced to ten years in prison for hacking into at least 19 organizations in the United States, stealing personal data, and attempting multiple extortions. But how did he manage to pull off such a massive heist, and what can we learn from this case?

A Dark and Twisted Tale of Hacking and Extortion

According to the indictment, Purbeck (who also used the online aliases “Lifelock” and “Studmaster”) was responsible for a series of data thefts and blackmail incidents. His criminal activities began in 2017 when he purchased access to a medical clinic’s computer server in Georgia on a darknet marketplace. Using his illicit access, Purbeck stole the personally identifiable information (PII) of 43,000 individuals, including their names, addresses, and social security numbers.

But he didn’t stop there. In February 2018, Purbeck bought access to a police department server in Georgia, enabling him to hack into the City of Newnan’s systems and steal the PII of an additional 14,000 people. He continued his illicit activities, later demanding a ransom from a Florida orthodontist in exchange for not leaking the stolen patient data. Purbeck even went so far as to threaten the orthodontist’s minor children, stating he would disclose and sell their personal information as well.

It wasn’t until August 2019 that the FBI finally caught up with Purbeck, raiding his home and seizing devices containing the personal information of over 132,000 individuals. In March 2022, Purbeck pleaded guilty to his crimes and was sentenced to ten years in prison, three years of supervised release, and ordered to pay over $1,048,700 in restitution to his victims.

What We Can Learn from This Case

Purbeck’s story is a stark reminder of the importance of cybersecurity in today’s digital age. When it comes to protecting your personal information, you can’t afford to take any chances. Here are a few key lessons we can take away from this case:

  • Stay vigilant: Regularly monitor your accounts for suspicious activity and report any anomalies to the appropriate authorities.
  • Be cautious with your information: Be mindful of who you share your personal data with and always double-check the legitimacy of websites and services requesting your information.
  • Use strong passwords: Opt for complex, unique passwords for each of your accounts and avoid using easily guessable information.
  • Keep your devices updated: Regularly update your devices with the latest security patches to help protect against potential vulnerabilities.

A Call to Action: Stay Informed and Stay Protected

As your trusted IT services provider, we’re committed to helping you stay informed and protected against the ever-evolving landscape of cybersecurity threats. Whether it’s through educational resources or expert advice, our goal is to empower you to safeguard your privacy and protect your personal information.

Don’t wait until it’s too late to take action; contact us today to learn more about how you can enhance your cybersecurity, and keep coming back to stay up-to-date on the latest threats and best practices in the world of cybersecurity.

Continue Reading
Advertisement
The Ford logo stands proudly against a geometric, blue and purple-patterned background with triangular shapes, embodying an attention to detail akin to safeguarding customer information.
Malware11 hours ago

Ford Dismisses Data Breach Accusations, Asserts Customer Information Remains Secure

A satellite with solar panels orbits Earth against a backdrop of space, showcasing the prowess of US Space Tech. The word "MAXAR" overlays the image in bold yellow letters.
Malware2 days ago

US Space Tech Powerhouse Maxar Reveals Massive Employee Data Breach

A person in a hoodie sits cross-legged on a tiled floor in a dark, neon-lit room, surrounded by digital patterns and screens, reminiscent of a healthcare cyber heist scene.
Malware4 days ago

Mastermind Behind Healthcare Cyber Heist Faces a Decade Behind Bars

Hello there! I’m Peter Zendzian, and I have a riveting story to share with you. Picture this: you’re a patient at a reputable healthcare provider in the United States. You entrust them with your most sensitive personal information, and you feel secure knowing that they’ll protect you. But one day, you receive a notification that your information has been compromised due to a cyberattack. How would you feel? Angry? Scared? Confused? Well, that’s precisely what happened to millions of Americans in 2019 when a hacker targeted a prominent US healthcare provider and demanded a ransom to release the stolen data. Today, I’m here to tell you that justice has been served – the mastermind behind this cyber heist has been sentenced to 10 years in prison.



A Modern-Day Robin Hood?



Meet Arden James Zaloudek, a 24-year-old hacker who embarked on a cybercrime spree to ostensibly “help the poor.” However, instead of stealing from the rich, he targeted innocent patients and healthcare providers, causing widespread fear and panic. Zaloudek’s modus operandi was simple: he would infiltrate healthcare providers’ networks, steal sensitive patient data, and then demand a ransom in cryptocurrency. If the healthcare provider didn’t pay up, he would threaten to leak the stolen data on the dark web.



The Fallout from the Attack



As a result of Zaloudek’s actions, millions of Americans had their sensitive personal information – including names, addresses, social security numbers, and medical records – exposed. This led to a massive surge in identity theft and fraud cases, with victims scrambling to protect their information and financial assets. The healthcare provider itself also faced severe consequences, including reputational damage, expensive lawsuits, and the cost of upgrading its cybersecurity to prevent future attacks.



Justice Served, but at What Cost?



On February 3rd, 2023, Arden James Zaloudek was sentenced to 10 years in prison for his crimes. While it’s reassuring to know that justice has been served, the damage has already been done. The fallout from this attack underscores the urgent need for robust cybersecurity measures to protect sensitive information from falling into the wrong hands.



Why Cybersecurity Matters More Than Ever



As technology advances, so do the tactics of cybercriminals. Cybercrime is projected to cost the world $10.5 trillion annually by 2025, up from $3 trillion in 2015. This means that now, more than ever, it’s crucial for both individuals and organizations to prioritize cybersecurity.



Protect Yourself and Your Loved Ones



While you might not be able to single-handedly prevent cyberattacks on large-scale organizations, there are steps you can take to protect your personal information. Ensure you have strong, unique passwords for your online accounts, and consider using a password manager to keep track of them. Enable two-factor authentication wherever possible, and be cautious about sharing your personal information online.



Join Us in the Fight Against Cybercrime



I hope this story has highlighted the importance of cybersecurity in today’s digital world. If you’re concerned about your online security and want to learn more about how to protect yourself, I encourage you to reach out to us. Together, we can help make the online world a safer place for everyone. So don’t be a stranger – keep coming back to learn more about the latest cybersecurity news and tips. And remember, knowledge is power!

Trending

Copyright © 2023 IT Services Network.