The Center for Internet Security (CIS) announced last week that it has launched the Malicious Domain Blocking and Reporting (MDBR) service to assist U.S.-based private hospitals with ransomware and cyber-attacks for free. CIS, a not-for-profit entity, “is fully funding this for private hospitals at no cost, and with no strings attached, because it’s the right
ransomware
Health and Personal Information of N.C. Residents Posted Online by Ransomware Group
Becker’s Health IT reports that two batches of sensitive information of Chatham County, N.C. residents have been posted online on the dark web and light web by the ransomware group DoppelPaymer, and that the files have been accessed more than 30,000 times.
DoppelPaymer obtained the information during a cyber-attack on the County’s systems on October…
Fertility Patients Sue Following Data Breach
Two anonymous patients being treated by fertility clinics operated by US Fertility LLC are suing the company following notification that their information may have been compromised in a ransomware attack that affected US Fertility servers and workstations.
On January 8, 2021, US Fertility notified patients of the incident that allegedly compromised patients’ names, Social Security…
Big Win for Law Enforcement: Emotet Infrastructure Taken Down
January 27, 2021, was a BIG win for law enforcement in the efforts to combat cybercrime. U.S. and European law enforcement agencies announced that through joint efforts and cooperation on “Operation Ladybird,” computer servers and the infrastructure that has been used by the criminals behind Emotet to victimize individuals and organizations through phishing schemes and…
Canon Hit with Data Breach Class Action Suit by Former and Current Employees
Canon U.S.A. Inc. (Canon) was hit with a class action lawsuit in the U.S. District Court for the Eastern District of New York this week for the ransomware attack that exposed current and former employees’ personal information in November 2020. The plaintiffs reside in Ohio, New York, Florida and Illinois, and allege that Canon was…
SolarWinds and Cyber Liability Insurance – What Businesses Need to Know
The SolarWinds cyber-attack is on everyone’s mind this week, given that most experts believe this cyber-attack will have broad impact across both the public and private sectors. For more details about the SolarWinds attack, please read this. The sheer breadth of this attack led me to reflect on the role of cyber-liability insurance for…
Privacy Tip #263 – Fake Emails and Texts Spoofing UPS and FedEx
Cyber criminals are taking advantage of the increase in online holiday shopping due to the pandemic. They know people are buying gifts online and sending the packages to the recipients. Often, the recipients do not know they are receiving a gift as it is intended to be a surprise.
Cyber criminals have stepped up their…
Embraer Data Leaked on Darkweb Website
Brazilian airplane manufacturer Embraer’s data have reportedly been uploaded on a dark web website hosted by ransomware group RansomExx (a.k.a. Defray 777) after Embraer reportedly refused to pay a ransom following a ransomware attack last month.
According to ZDNet, the hackers uploaded company files containing “samples of employee details, business contracts, photos of flight…
Cyber Exposures Rise During Pandemic
Although it is logical that cyber-attacks have risen during the pandemic, and there is anecdotal evidence that it is occurring, including our own experience, an interesting new report was recently released by Allianz, which provides cyber-liability insurance products.
According to the report, “While the COVID-19 outbreak cannot be said to be a direct cause of…
Update: Ransomware—To Pay or Not to Pay
Three recent events are prompting me to update our previous blog post on the difficult decision of whether to pay or not to pay ransomware following an attack [view related post].
The first event is the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory on October 1, 2020,…