The Town of Enfield, New Hampshire, appears to have been the victim of a man-in-the-middle scheme involving the transfer of $742,000 to a fraudulent bank account. The town is constructing a new $7.2 million public safety building. An employee was tricked into sending the payment to a fraudulent bank account instead of the construction company
threat actor
Halcyon Provides Intel on Volcano Demon Ransomware
Security research firm Halcyon recently reported that it “encountered” a new ransomware organization dubbed Volcano Demon several times in the past few weeks.
According to its report, Volcano Demon uses the encryptor LukaLocker with a .nba file extension. Halcyon provided an encryptor sample in its post.
Although Volcano Demon uses traditional methods of extortion, including…
NYAG Settles with Healthplex for $400,000
On December 8, 2023, New York Attorney General Leticia James penned her approval to an Assurance of Discontinuance with third party dental administrator Healthplex, settling the enforcement action for $400,000 and a litany of data privacy and security compliance requirements.
The AG’s investigation commenced following a November 24, 2021, successful phishing attack against Healthplex. The…
PharMerica and Amerita Sued in Class Actions for Breach of Patient Data
PharMerica and its subsidiary Amerita’s Specialty Infusion Services (Amerita) are already facing class action lawsuits after patients received a September 5, 2023, data breach notification letter. When the businesses detected suspicious activity on both the PharMerica and Amerita networks, a forensic investigation determined that a threat actor had gained access to the systems sometime in…
Insurer Denies Coverage Under Professional Liability Policy for Lawyer’s Email Compromise
Insurance coverage for cyberattacks can be tricky for anyone to navigate, including lawyers. To illustrate this point, a case in New Jersey caught my eye that I thought would be an interesting read for our followers who are lawyers.
In the case of SIMIE Mutual Insurance Co. v. Rankin, No. 23-cv-3974, 2023 WL 4763390…
Privacy Tip #369 – Stop! Don’t Scan that QR Code!
I hate to say, “I told you so,” but I did. I have repeatedly warned against scanning QR codes. Following the pandemic and scanning QR codes at restaurants, people have become very comfortable with scanning QR codes, don’t think twice about it, and don’t fully grasp the risk associated with a malicious QR code. Find…
NYAG Issues Fine Against Law Firm for Data Breach
New York Attorney General Letitia James announced on March 27, 2023 that she had levied a fine against law firm Heidell, Pittoni, Murphy & Bach LLP for failing to secure personal and health information of clients exposing the information in a data breach.
According to the press release, the law firm agreed to pay…