Blackbaud, which suffered a data breach of its customers’ data in a ransomware attack in 2020, in which it admitted paying the ransom in a double extortion attack [view related posts], is facing multiple class action cases following the attack. The cases have been consolidated in multi-district litigation and now comprise 29 cases.

The

Eskenazi Health in Indianapolis has been diverting emergency department patients arriving by ambulance to other area hospitals since it shut down its network following a ransomware attack on August 4, 2021. The diversion is “out of an abundance of caution and to maintain the safety and integrity of our patient care” according to a hospital

On July 19, 2021, the Federal Bureau of Investigations issued a Private Industry Notification to service providers and “entities associated with the Tokyo 2020 Summer Olympics that cyber actors who wish to disrupt the event could use distributed denial of service (DDoS) attacks, ransomware, social engineering, phishing campaigns, or insider threats to block or disrupt

Ransomware attacks are frequent and escalating as we speak. Double extortion scams are hitting companies at a dizzying pace, and catching companies, large and small, off-guard. U.S. President Joseph Biden warned Russian President Vladimir Putin to knock it off during their first summit [view related post]. Nonetheless, and not surprisingly, the attacks continue, particularly

The most recent in a long list of IT security firms that have been hit with ransomware in the past year, Miami-based Kaseya Ltd disclosed late last week that it was hit with a ransomware attack that may affect hundreds, even thousands, of U.S.-based companies.

Kaseya has publicly stated that it is investigating the attack

University Medical Center in Las Vegas announced that it recently became the victim of a ransomware attack by REvil, a well-known threat actor that has attacked many hospitals and health systems with the Sodinokibi malware variant.

It is being reported that during the attack, REvil was able to exfiltrate personal information that it then published

Reproductive Biology Associates, LLC (RBA) and its affiliate, MyEggBank, notified approximately 38,000 patients that a data breach involving a ransomware attack had exposed the patients’ full names, addresses, Social Security numbers, laboratory results, and information relating to the handling of human tissue. 

RBA stated in the notification that the intrusion by the ransomware group occurred

I know I sound like a vinyl record that has a scratch in it, but I write it as I see it. And right now, I am seeing that the companies hit with cyber-attacks, ransomware attacks, double extortion attacks, and data theft are unprepared to respond because they either don’t have an incident response plan

It has been reported by Bloomberg Law that the Colonial Pipeline ransomware attack was caused by a “single compromised password.” The Colonial Pipeline ransomware attack had consumers hoarding gasoline and disrupted distribution of gas along the east coast. One single compromised password.

Colonial Pipeline paid $4.4 million in ransom following the attack, although the Department