Tag Archive for: Affected

District attorney offices statewide affected by ransomware attack

/in


Mar. 14—The New Mexico Administrative Office of the District Attorneys was still trying to get its two main computer servers working again Thursday after a ransomware attack locked prosecutors across the state out of their files Wednesday morning.

“We are currently working to resolve the issue and optimistic it will be resolved sometime today,” said Henry Valdez, the agency’s director, in an interview Thursday.

He explained the cyberattack: “It comes in however it can, then encrypts your files so you can’t access them and then says you have to pay a certain amount and if you don’t they never release the encryption.”

Valdez said the two computer servers affected by the attack are in Albuquerque but serve offices in the 13 judicial districts throughout New Mexico. The Santa Fe-based server near his office has not been affected, he added.

Work at the First Judicial District Attorney’s Office, which serves Santa Fe, Rio Arriba and Los Alamos counties, was hindered by the attack, a spokesman confirmed.

“The FJDA can confirm that we are experiencing issues with our case management system, as well as other internal systems. This has resulted in an inability for our staff to work as they are normally accustomed,” spokesman Nathan Lederman wrote in an email.

“We have been informed that our computer systems have been hacked statewide,” District Attorney Mary Carmack-Altwies wrote in an email Wednesday to judges and others in the district.

“As such, we have no access to any files/drives/folders. Nothing,” she wrote.

“AODA is attempting to fix the situation but it appears that malware and/or ransomware has attacked the systems and this may take the rest of the week,” she added.

The Judicial Information Division Service desk sent an email to judges Thursday warning staff to use caution when opening electronic communications from the District Attorney’s Office.

“Until further notice anything we receive from the district attorney’s office, even from trusted sources, needs to be thoroughly reviewed,” the email says. “All emails from any DA email address should be carefully examined especially if it contains any sort of attachment or hyperlink that would take you to a website.”

Source…

What is a Botnet and How to Detect if I’m Affected

/in


In today’s interconnected digital landscape, the term “botnet” has become increasingly prevalent, sparking concerns about cybersecurity and individual online safety. This blog post aims to demystify the concept of botnets, shedding light on what they are, how they operate, and most importantly, how you can detect if you unknowingly find yourself entangled in one.

What is a Botnet?

At its core, a botnet is a network of compromised computers, or “bots,” that are under the control of a single entity, typically a cybercriminal. These bots can be any device connected to the internet, from personal computers to IoT devices.

How Botnets Operate

Botnets operate silently in the background, often without the user’s knowledge. Once a device is compromised, it becomes part of a larger network controlled by a central server, known as the “command and control” server. The cybercriminal orchestrating the botnet can then remotely command these compromised devices to perform various malicious activities.

Signs You Might be Part of a Botnet

A. Unusual Network Activity:

One of the key indicators of botnet involvement is unusual network activity on your device. This can include a significant increase in data usage, irregular patterns in internet traffic, or unexpected network slowdowns. Monitoring your network activity can help identify potential botnet activity.

B. Unexplained Resource Consumption:

Botnets often consume a significant amount of a device’s resources, leading to slower performance. If you notice a sudden decline in your device’s speed, increased CPU usage, or unexplained system crashes, it might be a sign that your device is part of a botnet.

C. Unexpected Pop-ups and Ads:

Botnets are frequently used to generate revenue for cybercriminals. If you start experiencing an influx of pop-ups, ads, or redirects while browsing, it could be an indication that your device is part of a botnet engaged in ad fraud or click fraud activities.

How to Detect if You’re Part of a Botnet

A. Use Antivirus and Anti-malware Software:

Regularly update and run reputable antivirus and anti-malware software on your device. These programs can detect and remove malicious software, reducing…

Source…

McLaren Health Care Hack Affected Millions; Lawsuits Pile Up

/in


Breach Notification
,
HIPAA/HITECH
,
Security Operations

Michigan Healthcare Provider Faces 7 Federal Lawsuits in Alphv/BlackCat Data Theft

Marianne Kolbasuk McGee (HealthInfoSec) •
November 13, 2023    

McLaren Health Care Hack Affected Millions; Lawsuits Pile Up
McLaren Health Care is facing seven proposed federal class action lawsuits following a recent data theft affecting nearly 2.2 million patients. (Image: McLaren)

McLaren Health Care is notifying 2.2 million individuals of a data breach weeks after ransomware group Alphv/BlackCat claimed to have stolen 6 terabytes of patient records in an August attack. In the meantime, the number of federal lawsuits filed against the Michigan-based healthcare system has more than doubled over the last month.

See Also: Live Webinar | Generative AI: Myths, Realities and Practical Use Cases

McLaren Health Care on Thursday reported the hacking incident to Maine’s attorney general as affecting nearly 2.19 million individuals, including 77 Maine residents.

The compromised information includes individuals’ name, Social Security number, health insurance information, birthdate, and medical information including billing or claims information, diagnosis, physician information, medical record number, Medicare/Medicaid information, prescription/medication information, diagnostic results and treatment information, McLaren said.

McLaren also reported the incident to federal regulators on Oct. 20 with a placeholder estimate of 501 individuals affected at that time. But based on McLaren’s current estimate of nearly 2.2 million individuals affected,…

Source…

Nearly all people in US state of Maine affected by Moveit hack

/in


A statement issued by the government of Maine in the US notified 1.3m residents that their personal data may have been stolen in a cyberattack in May.

Nearly the entire population of the US state of Maine has fallen victim to the latest Moveit hack after the personal information of 1.3m was stolen by criminals.

First reported in June, the global Moveit breach, in which hackers exploit a zero-day vulnerability in the file transfer software, has affected companies and government agencies on both sides of the Atlantic, including banks, universities, insurance and healthcare providers.

One of the first incidents announced affected 45,000 students in the New York City Department of Education system. The agency revealed that students’ personal information, such as social security numbers and birth dates, was stolen.

In July, the hack hit closer to home, after Dublin Airport became the latest victim of the cyberattack. Pay and benefits information of some Dublin Airport employees was compromised in a third-party cyberattack affecting Aon, airport management company DAA confirmed to SiliconRepublic.com at the time.

Microsoft attributed the hack exploiting the Moveit zero-day vulnerability to Lace Tempest, a reportedly Russian-speaking cybercrime group known for similar ransomware operations and running the Clop extortion site, which was also responsible for the GoAnywhere MFT attack in March.

Now, 1.3m residents of Maine in north-eastern US have been notified by the state government that they have been impacted by a cyberattack after a “software vulnerability” was exploited by a group of hackers who accessed and downloaded files belonging to agencies in the state.

A statement issued by the government read that the incident happened between 28 and 29 May 2023.

“The state of Maine has determined that this incident has impacted approximately 1.3m individuals, with the type of data affected differing from person to person,” it read.

“The state encourages individuals to reach out to its dedicated call centre to verify if they were affected and, if so, to identify what specific data of theirs was involved.”

Types of data stolen as part of…

Source…