Tag: data | SpinSafe

Change Healthcare’s stolen ‘private’ patient data leaked by ransomware group

April 18, 2024/in Internet Security

        {
  "message": "Show article",
  "action": "show",
  "data": "",
  "placResultsPublic": {
    "overallContentType": "FreeWithRegContent",
    "userState": "ACCESSBYFREEWREG",
    "showWall": "",
    "userAccess": "1",
    "referrer": "http://www.bing.com/",
    "userAccessCookie": null,
    "productList": "",
    "contentMetaData": "<?xml version='1.0' encoding='UTF-8'?><ARTICLE><TYPE>ARTICLE</TYPE><ID>/2024/04/18/change-healthcares-stolen-private-patient-data-leaked-by-ransomware-group/</ID><SOURCE>BenefitsPro</SOURCE><PUBLICATION-DATE>2024-04-18</PUBLICATION-DATE><PUBLICATION-NAMES><PUBLICATION-NAME>BenefitsPro</PUBLICATION-NAME></PUBLICATION-NAMES><PRACTICE-AREAS /><CHANNELSECTIONS><CHANNELSECTION><CHANNEL></CHANNEL><SECTION>Consumer Driven Health Care</SECTION></CHANNELSECTION><CHANNELSECTION><CHANNEL></CHANNEL><SECTION>Core and Group Health</SECTION></CHANNELSECTION><CHANNELSECTION><CHANNEL></CHANNEL><SECTION>Employee Participation</SECTION></CHANNELSECTION><CHANNELSECTION><CHANNEL></CHANNEL><SECTION>Employee-Paid</SECTION></CHANNELSECTION><CHANNELSECTION><CHANNEL></CHANNEL><SECTION>Employer-Paid</SECTION></CHANNELSECTION></CHANNELSECTIONS><REFERRER>http://www.bing.com/</REFERRER></ARTICLE>",
    "decisionEngine": "Templates Cache",
    "rulesFiredString": null,
    "contentProductCodes": null
  }
}

Source…

Omni Hotels confirms customers’ personal data stolen in ransomware attack – KIRO 7 News Seattle

April 18, 2024/in Internet Security

DALLAS — Officials with Omni Hotels & Resorts confirmed that cybercriminals stole the personal information of its customers during what appeared to be a ransomware attack last month.

>> Read more trending news

According to a post on its website on Sunday, the hotel giant said that “limited information pertaining to a subset of our customers may have been impacted.”

Omni said the stolen data includes customer names, email addresses, postal addresses and guest loyalty program information. The breach does not include information pertaining to financial information or Social Security numbers.

Omni said it shut down its systems on March 29 after discovering intruders in its systems, TechCrunch reported. Guests reported outages across Omni’s properties, with some customers experiencing issues with telephone and wi-fi issues, according to the technology news website.

Some customers said their room keys stopped working.

Omni officials said the chain’s systems were restored by April 8, TechCrunch reported.

“Omni Hotels & Resorts continues to investigate a recent cyberattack on its systems with the assistance of a leading cybersecurity response group,” the company wrote in an update on its website.

The FBI reported that more than 2,825 ransomware complaints were reported during 2023, an increase of 18% over 2022. Losses reported rose by 74%, from $34.3 million to $59.6 million, according to the agency.

Omni Hotels & Resorts is based in Dallas, and the chain operates 50 hotels and resorts in the United States and Canada, according to The Dallas Morning News.

Source…

Michigan healthcare organization says ransomware breached data of 185,000

April 17, 2024/in Internet Security

A ransomware attack in late 2023 exposed the personal data of nearly 185,000 people, a nonprofit Michigan healthcare organization reported Wednesday.

Cherry Street Services, also known as Cherry Health, said in a regulatory filing that the breach occurred on December 21 and was discovered on Christmas Eve.

The data breach notification filed with the office of Maine’s attorney general said the cause was ransomware, and that the attackers had accessed financial information such as credit card numbers and related security codes or passwords.

So far Cherry Health has identified 184,372 potential victims. It has not specified the exact nature of the attack or the ransomware group involved. The organization did not immediately respond to questions from Recorded Future News.

Cherry Health, based in Grand Rapids, operates in six Michigan counties and “offers high-quality health care to everyone, regardless of their ability to pay.”

In early January the organization issued a statement citing a “network disruption,” and later in the month identified the event as a “cybersecurity incident.” It continued notifying potentially affected people in February.

The 2023 holiday season saw several cyberattacks on healthcare institutions, including a Massachusetts hospital, a Seattle cancer center and an Australian provider.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

Source…

Ransomware attack hits top chipmaker Nexperia, huge hoard of data set to be leaked

April 16, 2024/in Internet Security

Top chipmaker Nexperia suffered a ransomware attack last month which saw threat actors get away with a terabyte of sensitive corporate data.

“Nexperia has become aware that an unauthorized third party accessed certain Nexperia IT servers in March 2024,” the company said in a statement shared with BleepingComputer. “We promptly took action and disconnected the affected systems from the internet to contain the incident and implemented extensive mitigation.”

The company later brought in third-party security experts to determine the nature and the scope of the incident, and took “strong measures” to terminate the unauthorized access.

Dark Angels

In the meantime, a threat actor calling itself Dunghill Leak assumed responsibility for the attack, claiming they were in possession of a terabyte of confidential data. To prove its claims, the group shared a sample, which included microscope scans of electronic components, employee passports, non-disclosure agreements, and other information.

The group is now demanding an unknown ransom payment, and if Nexperia declines, they will allegedly leak:

371 GB of design and product data, including QC, NDAs, trade secrets, technical specifications, confidential schematics, and production instructions.
246 GB of engineering data, including internal studies and manufacturing technologies.
96 GB of commercial and marketing data, including pricing and marketing analysis.
41.5 GB of corporate data, including HR, employee personal details, passports, NDAs, etc.
109 GB of client and user data, including brands such as SpaceX, IBM, Apple, and Huawei.
121.1 GB of various files and miscellaneous data, including email storage files.

Nexperia is a subsidiary of Wingtech Technology, a major Chinese chipmaker that operates plants in Germany and the UK. It builds transistors, diodes, MOSFETs, and logic divides, it was said. Its annual revenue exceeds $2 billion.

In its writeup, BleepingComputer claims the Dunghill Leak site is linked to the Dark Angels ransomware group.

More from TechRadar Pro

Source…

Tag Archive for: data