Tag Archive for: affecting

Ransomware attack affecting services to customers in Sweden

/in


20 January 2024

One of Tietoevry’s several datacenters in Sweden has become partially subject to a ransomware attack. The incident is affecting the services for some of Tietoevry’s customers in Sweden on different levels.

Tietoevry has taken immediate and highest level of action to investigate, mitigate and resolve the situation. At this point, it is not possible to say how long the work will take.

We sincerely apologise for the inconvenience the situation is causing to our customers.

We are also working with the appropriate local authorities to address the situation.

For further information, please contact:

Tietoevry Newsdesk, +358 40 5704072, [email protected]

Source…

CBS and Paramount’s parent company reports hack affecting over 80,000 people

/in


National Amusements, CBS and Paramount’s parent company, reported a year-old hack this month affecting 82,128 people. TechCrunch first covered the breach, revealed in a company legal filing with Maine’s Attorney General under a 2005 state digital privacy law. National Amusements hasn’t commented publicly on the intrusion outside of the legal filing, and it isn’t clear if customer (or “only” employee) data was stolen.

Maine’s data breach notification says the hack occurred over a year ago, from December 13 to 15, 2022. It states 82,128 people were affected, 64 of whom were Maine residents. National Amusements’ senior vice president of human resources filed the notice, which may suggest (but not confirm) that it revolved largely or entirely around internal employee data. The filing says the company began notifying customers in writing on December 22, 2023 — 372 days after the breach.

“On or about December 15, 2022, National Amusements became aware of suspicious activity in our computer network,” the notification letter to victims reads. “We immediately took steps to secure our network and minimize any disruption to our operations.”

However, that last sentence contains an inconsistency, as the notice posted by Maine’s Attorney General’s office lists the “date breach discovered” as August 23, 2023. That suggests the company didn’t know about the intrusion until eight months after the incident, hardly qualifying as “immediately” taking steps.

The filing says hackers accessed financial information, including “account number or credit/debit card number (in combination with security code, access code, password or PIN for the account).” National Amusements wrote in Maine’s notice that it’s offering victims 12 months of Experian credit monitoring and identity theft services to customers whose social security numbers were taken.

Engadget contacted National Amusements for confirmation or additional info. We will update this article if we hear back.

National Amusements gained a controlling stake in Paramount and CBS in 2019 following the Viacom-CBS merger. This hack appears separate from one Paramount disclosed in August through Massachusetts’…

Source…

Infosys Ransomware Attack Affecting Nonqual Plans Nearing Fix

/in


Nonqualified compensation benefit accounts held hostage by a ransomware attack may be nearing reactivation, according to a notice to providers obtained by PLANADVISER.

The cybersecurity event at Infosys McCamish Systems LLC that halted multiple national retirement and insurance provider platforms, starting on November 2, was the result of a ransomware attack, according to sources familiar with the issue and the note to providers. Infosys BPM Ltd., the Bangalore, India-based parent company of Infosys McCamish, has only called it a “cybersecurity event” and did not immediately respond to request for further comment on the fix.

“As we previously informed you, McCamish Systems, an Infosys subsidiary and a provider critical to our ability to process and update participant transactions, experienced a ransomware event on November 2,” stated a letter from nonqualified plan provider Newport, owned by Ascensus, to benefits clients on Tuesday. “IMS notified us that it has successfully restored and rebuilt its environment.”

Infosys on November 3 disclosed the cybersecurity event to the Securities and Exchange Commission as part of a Form 6-K filing.

On Thursday, T. Rowe Price, the Vanguard Group and Ascensus noted that a breach at the platform provider had halted account use for nonqualified compensation plans and, in the case of Principal Financial Group, group universal life insurance accounts. None provided further comment on the fix.

Infosys had hired a third-party security expert, Palto Alto Networks Inc.’s Unit 42, to investigate the attack. Unit 42 confirmed that the systems have “been hardened” and that the security firm has not observed any “indication of ongoing unauthorized access or activity,” according to the letter.

Participants with nonqualified plans do not yet have access to their accounts, with an update to come the week of November 27. As of now, no participant data has been exposed, according to this and prior correspondence from the providers.

“As previously communicated, we are taking a number of actions to protect your data and ensure that participant accounts will reflect up-to-date, accurate values, including…

Source…

5 Lawsuits Filed in Ransomware Breach Affecting 3.3 Million

/in


Fraud Management & Cybercrime
,
Healthcare
,
HIPAA/HITECH

Proposed Class Actions Against Regal Medical Group Allege Negligence, Other Claims

Marianne Kolbasuk McGee (HealthInfoSec) •
February 22, 2023    

5 Lawsuits Filed in Ransomware Breach Affecting 3.3 Million
Regal Medical Group in California is facing at least five proposed class action lawsuits following a ransomware incident involving data exfiltration that affected more than 3.3 million individuals.

At least five proposed class action lawsuits have been filed in recent days in the wake of a California medical group’s Feb. 1 report of a ransomware attack last December that affected more than 3.3 million individuals.

See Also: OnDemand | Navigating the Difficulties of Patching OT

The proposed lawsuits filed so far against Regal Medical Group, its affiliated Heritage Provider Network and other affiliated groups include four federal complaints filed since Feb. 13 in the U.S. District Court for the Central District of California, plus at least one complaint filed in a California state court on Feb. 9.

Regal, which has more than 3,000 doctors and touts itself as one of the largest physician-led healthcare networks in southern California, reported the hacking incident on Feb. 1 to the Department of Health and Human Services as affecting several of its affiliated medical groups.

The groups whose patients were affected by the incident include Lakeside Medical Organization and Affiliated Doctors of Orange County and Greater Covina Medical Group. The groups also are affiliates of Heritage Provider Network, a managed care plan (see:…

Source…