Wall Street Journal published report called “Hospital Suffer New Wave of Hacking Attempts”
- Great Plains Health of Nebraska’s Christopher Stroud admitted that up to 70,000 attempts per day from hackers trying to get into the hospital’s network
- Hackers give interview with Cisco researcher:
- Identified as “Aleks”, and lives in Siberia, Russia
- In his early 30s
- Has university level education
- Uses Mimikatz and PowerShell as tools
- Is part of the Lockbit ransomware gang
- Healthcare is his favorite target as they pay ransom up to 90% of the time
- Victims are motivated to pay ransom if they believe that their data will be leaked
- If victim has cybersecurity insurance, payment is “all but guaranteed”
- $350 million was earned by ransomware gangs in 2020, according to research done by Chainanalysis.
- Friendswood Independent School District of Texas notified an unknown number of students that their info was exposed after it was accidentally sent to a school photographer
- Shorewood School District of Wisconsin notified an unknown number of students that their info was exposed after an email mistake.
- Digital Shadows Cybersecurity published report stating that 29% of new ransomware attacks are now aimed at industrial goods and services companies.
- Coveware Cybersecurity published report stating that the average ransom payment to hackers has declined to $154,108.
- Most common ransomware is Sodinokibi, aka REvil
- Other strains include; Maze, Ryuk, NetWalker, Egregor, Conti and DopplePaymer
- Minimum of 60% of companies pay the ransom
- If companies do not fix the vulnerability that allowed the ransomware attack, they run risk of being attacked again.
- Most common industries hit by ransomware in last 90 days:
- 17.9% = healthcare
- 16.3% = professional services
- 11.9% = consumer services
- 9.5% = public sector
- Beaumont Health of Michigan notified an unknown number of patients that their PHI may have been exposed after a cybersecurity incident with its COVID-19 vaccine appointment system.
- Comcast Corp., headquartered in Philadelphia, PA notified up to 1.5 billion customers that their info may have been exposed after a database was inadvertently exposed on a public website.
- Victor Central School District of New York notified an unknown number of students that their info was exposed after ransomware attack.
- 60 Minutes episode on CBS had Bill Evanina, former director of US Counterintelligence, state that up to 80% of all Americans have had their personal information stolen by Chinese government.
- Nationwide Children’s Research Institute of Columbus, OH notified an unknown number of patients that their PHI as well as trade secrets, were stolen by a former researcher for financial gain.
- Capsule Security published report stating that stolen PHI (protected health information, i.e. patient medical records) are selling for as much as $1000 each on the Dark Web.
- Goodwin Procter Law Firm, headquartered in Boston, Mass, notified an unknown number of clients that their info may have been exposed after breach.
- Oklahoma Tourism and Recreation Department notified an unknown number of tourists that their info may have been exposed after a breach.
- Accelion Software of Palo Alto notified 1.6 million people who used Employment Security Department (unemployment office) in the state of Washington that their info was exposed after breach.
- DriveSure of Northbrook, IL notified over 3 million people that their info was exposed after breach. DriveSure is a car dealership service provider focused on employee training programs and customer retention.
- Baldwin Wallace University of Berea, OH notified an unknown number of students that their info may have been exposed after a ransomware attack.
- Epsilon Data Management of Irving, TX agreed to pay $150 million to settle lawsuit regarding allegation that company sold confidential information on millions of Americans.
- US Fertility of Baltimore, MD faces a class action lawsuit regarding recent data breach that exposed PHI.