Connect with us

Malware

Massive Ransomware Attack: Cybercriminals Breach Health Data of 533,000 Individuals – Protect Yourself Now!

The GHC SCW ransomware gang has stolen health data of over 533,000 individuals, impacting patient care and services. Learn how this cyberattack could affect your medical records and what steps are being taken to mitigate the risk. Stay informed and protected with the latest updates on healthcare cybersecurity threats.

Published

on

Image: Midjourney

Imagine waking up one day and finding out that your personal and medical information has been stolen by cybercriminals. That’s exactly what happened to over 500,000 individuals when a ransomware gang breached the network of non-profit healthcare service provider Group Health Cooperative of South Central Wisconsin (GHC-SCW) in January.

Luckily, the attackers were unable to encrypt the compromised devices. This allowed GHC-SCW to secure its systems with the help of external cyber incident response experts and bring them back online after they were isolated to contain the breach.

According to a press release published by GHC-SCW, the unauthorized access to their network was discovered during the early morning hours of January 25th, 2024. During their investigation, they found out that the attacker had copied some of GHC-SCW’s data, which included protected health information (PHI).

What kind of health data was stolen, you ask? The cybercriminals got their hands on affected individuals’ names, addresses, telephone numbers, e-mail addresses, dates of birth and/or death, social security numbers, member numbers, and Medicare and/or Medicaid numbers. While GHC-SCW didn’t provide the exact number of affected people, additional information shared with the U.S. Department of Health and Human Services shows that the data breach impacted 533,809 individuals.

As a response to the incident, GHC-SCW has taken security measures to prevent such breaches from happening again. This includes strengthening existing controls, data backup, and user training. If you happen to be one of the impacted individuals, it’s advisable to monitor all communications from healthcare providers, including electronic messages, billing statements, and other communications. And if you notice any suspicious activity, report it to GHC-SCW immediately.

So far, GHC-SCW has not found any evidence of the stolen information being used for malicious purposes.

Who’s behind the attack?

The Wisconsin-based healthcare non-profit didn’t reveal the name of the threat group behind the January breach. However, the BlackSuit ransomware gang claimed responsibility for the attack in March. According to the attackers’ claims, the stolen files also contain affected patients’ financial information, employees’ data, business contracts, and e-mail correspondence.

Not much is known about the group behind the BlackSuit ransomware operation, but their dark web leak site was first spotted last May and has since been updated with dozens of new victims. In June, the highly active Royal ransomware gang — believed to be the direct successor of the notorious Conti cybercrime group — began testing a new encryptor called BlackSuit after rumors of a rebrand began surfacing in April.

Since then, Royal has rebranded into BlackSuit and reorganized into a more centralized operation, similar to the model they used when they were part of the Conti syndicate as Team 2 (Conti2). In November, the FBI and CISA revealed in a joint advisory that the Royal ransomware gang had breached the networks of at least 350 organizations worldwide since September 2022 and linked the operation to more than $275 million in ransom demands.

So, what can we learn from all of this? Cybersecurity threats are very real and can impact anyone, even non-profit healthcare organizations. That’s why it’s crucial for everyone to take the necessary precautions to protect their sensitive data.

Don’t wait until it’s too late. Keep coming back to us to learn more about cybersecurity and how you can protect yourself and your organization from cyberattacks. Remember, knowledge is power, and the more you know, the better equipped you’ll be to defend against these threats.

Up Next

AT&T Cyberattack: A Wake-Up Call for 51 Million Customers



Hey there, friends! I want to talk to you about something that has recently caught my attention – the massive AT&T data breach that has affected a staggering 51 million customers. As someone who’s passionate about cybersecurity, I can’t stress enough how important it is for all of us to take this issue seriously. So, let’s dive into the details and find out what we can do to protect ourselves and our digital lives.



A Frightening Reality: The AT&T Data Breach



Let me paint you a picture: imagine you’re sitting at home, scrolling through your social media feed, when suddenly you receive an email from AT&T. The subject line reads, “Important Security Alert: Your Account Information May Have Been Compromised.” Your heart skips a beat as you open the message and realize that your personal data – including your name, address, and even your Social Security number – may have fallen into the wrong hands.



Well, folks, that nightmare scenario became a reality for a jaw-dropping 51 million AT&T customers when the company announced one of the largest data breaches in US history. The cyberattack, which occurred in April 2021, exposed sensitive information that could be used for identity theft, financial fraud, and other malicious activities. And, unfortunately, this isn’t an isolated incident – data breaches are becoming all too common in today’s digital world.



Why You Should Care About Cybersecurity



Now, I know what you’re thinking: “Peter, this is all very scary, but what does it have to do with me?” Well, the truth is that we’re all vulnerable to cyberattacks, no matter how secure we think our online presence is. In fact, according to a recent study, over 4.1 billion records were exposed in the first half of 2019 alone. That’s a mind-boggling number, and it’s only going to grow as our reliance on technology continues to increase.



But here’s the good news: by taking a few simple steps, you can significantly reduce your risk of falling victim to a data breach. I know it may seem overwhelming, but trust me – it’s worth the effort to protect your personal information and avoid the stress and anxiety that come with being hacked.



How To Safeguard Your Digital Life



So, how can you take control of your cybersecurity? Here are a few easy-to-implement tips that can make a big difference:




  • Use strong, unique passwords: This may sound like a no-brainer, but it’s surprising how many people still use weak, easily guessable passwords. Make sure each of your accounts has a different, complex password that includes a combination of letters, numbers, and symbols.

  • Enable two-factor authentication: This adds an extra layer of security by requiring you to enter a code sent to your phone or email whenever you log in from a new device.

  • Be cautious with public Wi-Fi: Public Wi-Fi networks can be a goldmine for hackers. Use a virtual private network (VPN) to encrypt your data and protect your privacy when connecting to public hotspots.

  • Update your software: Make sure you’re always using the latest versions of your operating systems and applications, as they often include security patches to fix vulnerabilities.

  • Stay informed: Keep up-to-date on the latest cybersecurity news and trends to ensure you’re prepared for new threats as they emerge.



Join Us in the Fight Against Cybercrime



Friends, the AT&T data breach is just one example of the growing cybersecurity challenges we face in today’s digital age. But by taking action and making cybersecurity a priority, we can protect ourselves and our loved ones from the devastating consequences of data breaches.



So, I urge you to join me in the fight against cybercrime. Contact us to learn more about how you can safeguard your digital life, and make sure to keep coming back for the latest tips, tricks, and updates on all things cybersecurity. Together, we can make a difference and create a safer, more secure online world for everyone.

Don't Miss

Home Depot Confirms Massive Third-Party Data Breach Exposing Employee Information

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Malware

AT&T Shells Out $13 Million in FCC Settlement for Shocking 2023 Data Breach

AT&T has paid a $1.3 million settlement to the Federal Communications Commission (FCC) following a 2023 data breach that exposed customers’ personal information. The breach resulted from unauthorized access to user accounts by AT&T’s third-party vendor, which sold customer information to third-party call centers.

Published

on

The AT&T logo is set against a vibrant background of pink and blue digital light patterns, symbolizing its resilience post-FCC settlement.

The Federal Communications Commission (FCC) has reached a $13 million settlement with AT&T to resolve a probe into whether the telecom giant failed to protect customer data after a vendor’s cloud environment was breached three years ago.

The FCC’s investigation also examined AT&T’s supply chain integrity and whether the telecom giant engaged in poor privacy and cybersecurity practices.

The massive data breach investigated by the FCC occurred in January 2023, when threat actors accessed customer data of roughly 9 million AT&T wireless accounts stored by a vendor contracted to generate personalized video content, including billing and marketing videos.

“Customer Proprietary Network Information from some wireless accounts was exposed, such as the number of lines on an account or wireless rate plan,” AT&T told us at the time.

“The information did not contain credit card information, Social Security Number, account passwords or other sensitive personal information. We are notifying affected customers.”

The CPNI data exposed in the January 2023 breach included customer first names, wireless account numbers, phone numbers, and email addresses.

Even though the vendor was required to destroy or return the data after the contract ended—years before the breach—it failed to do so. AT&T was found to have inadequately monitored the vendor’s compliance with their contractual obligations.

“Carriers must take additional precautions given their access to sensitive information, and we will remain vigilant in ensuring that’s the case no matter which provider a customer chooses.”

AT&T agrees to boost customer data protection

To settle the investigation, AT&T has also agreed to strengthen its data governance practices to protect its consumers’ sensitive data against similar vendor data breaches in the future.

The consent decree mandates AT&T to implement a comprehensive Information Security Program that includes broad customer data protection, improve its data inventory processes to track data shared with vendors, ensure that vendors follow retention and disposal rules for customer information (to limit the amount of customer data vulnerable to date breaches), and conduct annual compliance audits to assess AT&T’s compliance with these requirements.

“The Communications Act makes clear that carriers have a duty to protect the privacy and security of consumer data, and that responsibility takes on new meaning for digital age data breaches,” said FCC Chairwoman Jessica Rosenworcel.

“Carriers must take additional precautions given their access to sensitive information, and we will remain vigilant in ensuring that’s the case no matter which provider a customer chooses.”

Enforcement Bureau Chief Loyaan A. Egal also underscored the significance of the case, noting that “Communications service providers have an obligation to reduce the attack surface and entry points that threat actors seek to exploit in order to access sensitive customer data.”

“Protecting our customers’ data remains one of our top priorities. A vendor we previously used experienced a security incident last year that exposed data pertaining to some of our wireless customers,” an AT&T spokesperson told us after publishing time.

“Though our systems were not compromised in this incident, we’re making enhancements to how we manage customer information internally, as well as implementing new requirements on our vendors’ data management practices.

“Consistent with FCC requirements, we began notifying customers of this incident in March 2023. The data included information like the number of lines on an account. It did not contain credit card information, Social Security Numbers, account passwords or other sensitive personal information.”

In July 2024, AT&T warned of another massive data breach after threat actors stole the call logs for roughly 109 million customers (nearly all of its mobile customers) from an online database on the company’s Snowflake account between April 14 and April 25, 2024.

The exposed data contained phone numbers, call durations, communications metadata, and number of calls or texts. However, AT&T said the attackers couldn’t access the content of the calls or texts, customer names, or any other personal information like Social Security numbers or dates of birth.

In April, the company also notified 51 million former and current customers of a data breach linked to a massive amount of AT&T customer data leaked in March on the Breached hacking forum and previously offered for sale for $1 million in 2021.

Update September 17, 14:54 EDT: Added AT&T statement.

A Call to Arms for Data Security Enthusiasts

As we continue to witness breaches and vulnerabilities, it becomes increasingly essential for individuals and businesses to prioritize cybersecurity. We invite you to join us in our mission to empower users with the knowledge and tools they need to protect their data and privacy. Don’t hesitate to get in touch with us, and keep coming back to learn more about the ever-evolving landscape of cybersecurity.

Continue Reading

Malware

23andMe to Shell Out $30 Million in Astonishing Genetics Data Breach Settlement

23andMe has agreed to pay $30 million to settle a lawsuit over a 2020 data breach that exposed customers’ genetic information. Learn more about the settlement and how it will impact the biotechnology company’s future data security measures.

Published

on

Imagine receiving a package in the mail containing a small tube that holds the key to uncovering your ancestry, traits, and health predispositions. You trust the company to keep your most sensitive information, your DNA, safe and secure. But what happens when that trust is broken? In 2023, 23andMe, a leading DNA testing company, faced this very issue when a massive data breach exposed the personal information of 6.4 million customers.

Fast forward to today, and 23andMe has agreed to pay a whopping $30 million to settle a lawsuit resulting from the breach. The proposed class action settlement is currently awaiting judicial approval and includes cash payments for affected customers. While the company believes the settlement is fair, they also deny any wrongdoing and maintain that they properly protected their customers’ personal information.

Addressing Security Weaknesses

In addition to the financial settlement, 23andMe has agreed to strengthen its security protocols, such as adding protections against credential-stuffing attacks and requiring mandatory two-factor authentication for all users. The company also plans to conduct annual cybersecurity audits and create a comprehensive data breach incident response plan.

Furthermore, 23andMe will no longer retain personal data for inactive or deactivated accounts and will provide an updated Information Security Program to employees during annual training sessions. While these actions may help rebuild trust, it’s important for us to recognize that data breaches can happen to anyone – even trusted companies like 23andMe.

Understanding the Data Breach

So, how did the breach occur? In October 2023, 23andMe discovered unauthorized access to customer profiles resulting from compromised accounts. Hackers exploited credentials stolen from other breaches to access 23andMe accounts. In response, the company implemented measures to block similar incidents, such as requiring customers to reset passwords and enabling two-factor authentication by default.

However, the damage was already done. Starting in October, threat actors leaked data profiles belonging to 4.1 million individuals in the United Kingdom and 1 million Ashkenazi Jews on the unofficial 23andMe subreddit and hacking forums. In total, data for 6.9 million customers, including information on 6.4 million U.S. residents, was downloaded in the breach.

Moreover, the company confirmed that attackers stole health reports and raw genotype data during a five-month credential-stuffing attack that took place from April to September. As a result, multiple class-action lawsuits were filed against 23andMe, leading to the recent settlement.

A Call to Action for Cybersecurity Awareness

As we reflect on the 23andMe data breach, it’s crucial to recognize that we all play a role in safeguarding our personal information. By staying informed about cybersecurity best practices and understanding the risks involved in sharing sensitive data, we can better protect ourselves from potential threats.

At IT Services, we’re committed to helping you stay informed and secure. Keep coming back to learn more about cybersecurity, and don’t hesitate to contact us with any questions or concerns. Together, we can build a safer digital world for all.

Continue Reading

Malware

RansomHub Launches Daring Cyberattack on Kawasaki, Warns of Massive Data Leak

Kawasaki faces a cyberattack from RansomExx, a ransomware group that threatens to leak stolen data on the RansomHUB dark web portal. The company confirms unauthorized access to European and Japanese servers, and is taking measures to prevent further damage.

Published

on

A person in a green and black outfit rides a green Kawasaki Ninja ZX-7R motorcycle on a road surrounded by lush greenery, seeming unaware of the cyberattack that had occurred earlier at RansomHub.

Picture this: You’re going about your day, and suddenly, your entire business comes to a screeching halt. You’ve been hit by a cyberattack, and your critical data is now in the hands of cybercriminals. This nightmare scenario recently played out for Kawasaki Motors Europe, as the RansomHub ransomware gang targeted their EU headquarters and threatened to leak stolen data.

But Kawasaki didn’t take this lying down. They immediately jumped into action, working diligently to clean their systems of any “suspicious material,” such as malware. According to their announcement, they isolated their servers and initiated a strategic recovery plan. By working with external cybersecurity experts, they began checking each server one by one before reconnecting them to the corporate network. Their efforts are paying off, with 90% of their server infrastructure expected to be restored by the start of next week.

Now, you might be thinking, “That’s great for Kawasaki, but what does this have to do with me?” The answer is simple: cyberattacks can happen to anyone, and they’re becoming more prevalent and sophisticated every day. In fact, RansomHub alone has breached 210 victims from a wide range of critical U.S. infrastructure sectors since its launch in February, according to a joint advisory between the FBI, CISA, and the Department of Health and Human Services (HHS).

Don’t become a statistic: Learn from Kawasaki’s experience

Kawasaki’s story serves as a valuable lesson for all of us. When faced with a cyberattack, it’s crucial to act quickly and decisively, partnering with cybersecurity experts to mitigate the damage and protect your valuable data. But even better than reacting to an attack is preventing one from happening in the first place.

So, what can you do to safeguard your business and personal data from cybercriminals? Here are a few key steps:

  • Keep your software up to date. Regularly updating your software helps to patch any security vulnerabilities that cybercriminals could exploit.
  • Invest in strong security measures. This includes firewalls, antivirus software, and secure network connections, as well as employee training on cybersecurity best practices.
  • Regularly back up your data. Having a secure, up-to-date backup of your data can help you recover more quickly in the event of an attack.
  • Monitor for suspicious activity. Regularly review your network logs and other activity to identify any potential threats or breaches.

Let’s work together to keep your data safe

Here at IT Services, we understand the importance of keeping your data secure and are committed to helping you protect your business from cyberattacks. Our team of cybersecurity experts is available to guide you through the process of implementing robust security measures and ensuring your business is prepared to face any potential threats.

To learn more about how we can help you safeguard your business and personal data, get in touch with us today. And remember, the best defense against cyberattacks is a proactive approach to cybersecurity. So, don’t wait for disaster to strike—take action now to keep your data safe and secure.

Continue Reading

Trending