Tag Archive for: blames

UnitedHealth blames ‘nation-state’ in hack disrupting pharmacy orders


A cyberattack against a division of UnitedHealth Group Inc. has caused a nationwide outage of a computer network that’s used to transmit data between healthcare providers and insurance companies, rendering some pharmacies unable to process prescriptions, according to the company and reports from affected organizations.

UnitedHealth found a “suspected nation-state associated cyber security threat actor” had access to subsidiary Change Healthcare’s systems Wednesday, prompting the company to disconnect them from other parties, the company said in a filing Thursday with the Securities and Exchange Commission.

UnitedHealth, the country’s largest health insurer, said in a statement Thursday that the cyberattack and related “network interruption” affected only Change Healthcare and that all its other systems are operational. Change Healthcare is a key intermediary in the $1.5-trillion U.S. health insurance market.

UnitedHealth is working with law enforcement and security experts but can’t say when the service will be restored, according to the filing. The company hasn’t determined that the attack is likely to affect its financial results, it said.

“Change Healthcare is experiencing a cybersecurity issue, and our experts are working to address the matter,” the Minnetonka, Minn.-based company said earlier in a statement on its website. “Once we became aware of the outside threat, in the interest of protecting our partners and patients, we took immediate action to disconnect our systems to prevent further impact.”

The incident is the latest in a series of attacks where hackers have compromised providers of back-end IT software and services — companies that are often little-known outside of their industries yet play critical roles in the normal functioning of such diverse entities as financial markets and government services — and triggered cascading disruptions across their customer bases.

Last month, for example, a ransomware attack against Tietoevry Oyj, a Finnish information technology company, crippled payroll and other services for government agencies and hospitals, retailers, cinemas and other customers throughout Sweden.

Three days later, a ransomware…

Source…

23andMe Blames Users for Recent Data Breach as It’s Hit With Dozens of Lawsuits


It’s been nearly two years since Russia’s invasion of Ukraine, and as the grim milestone looms and winter drags on, the two nations are locked in a grueling standoff. In order to “break military parity” with Russia, Ukraine’s top general says that Kyiv needs an inspired military innovation that equals the magnitude of inventing gunpowder to decide the conflict in the process of advancing modern warfare.

If you made some New Year’s resolutions related to digital security (it’s not too late!), check out our rundown of the most significant software updates to install right now, including fixes from Google for nearly 100 Android bugs. It’s close to impossible to be completely anonymous online, but there are steps you can take to dramatically enhance your digital privacy. And if you’ve been considering turning on Apple’s extra-secure Lockdown Mode, it’s not as hard to enable or as onerous to use as you might think.

If you’re just not quite ready to say goodbye to 2023, take a look back at WIRED’s highlights (or lowlights) of the most dangerous people on the internet last year and the worst hacks that upended digital security.

But wait, there’s more! Each week, we round up the security and privacy news we didn’t break or cover in depth ourselves. Click the headlines to read the full stories, and stay safe out there.

23andMe said at the beginning of October that attackers had infiltrated some of its users’ accounts and abused this access to scrape personal data from a larger subset of users through the company’s opt-in social sharing service known as DNA Relatives. By December, the company disclosed that the number of compromised accounts was roughly 14,000 and admitted that personal data from 6.9 million DNA Relatives users had been impacted. Now, facing more than 30 lawsuits over the breach—even after tweaking its terms of service to make legal claims against the company more difficult—the company said in a letter to some individuals that “users negligently recycled and failed to update their passwords following … past security incidents, which are unrelated to 23andMe.” This references 23andMe’s long-standing assessment that attackers compromised…

Source…

Russia blames US and Apple for hacking diplomat iPhones


 Kremlin

Kremlin

Russia has accused Apple and US intelligence agencies of collaborating to spy on its diplomats by hacking their iPhones.

The Federal Security Service (FSB) issued a statement to say that thousands of Apple devices belonging to Russian diplomats were infected with an unknown malware.

Separately, prominent antivirus firm Kaspersky reported another attack on iOS devices, which Russia’s computer security agency said was linked to the first.

Kaspersky report

A spokesperson for Kaspersky told The Record that “due to the absence of technical details reported,” the security company couldn’t confirm all the findings from the FSB.

Company CEO Eugene Kaspersky did say, though, that the attack it reported was “extremely complex” and “professionally targeted,” adding that, “several dozen iPhones of the company’s employees — both top and middle-management — were impacted.”

The FSB said that the malware also targeted devices outside of Russia and wireless subscribers who use SIM cards registered with diplomatic missions and embassies in Russia. This include those belonging to users located in some NATO bloc countries, as well as Israel, Syria and China.

read more

> PowerPoint files are being hacked to spread this new Russian malware

> Kaspersky hits back after users warned of Russian hacking threats

> Russia hacker group hijacks USB attacks by other criminals

The NSA declined to comment on the accusation from Russia that it colluded with Apple to spy on Russia. An Apple spokesperson said that “We have never worked with any government to insert a backdoor into any Apple product and never will.”

The Russian Ministry for Foreign Affairs also stated that the US was conducting global surveillance, adding that it has “placed itself above the law. No state has a right to abuse its technological capabilities.”

In March this year, Russian officials were told to get rid of their iPhones by Sergei Kiriyenko, First Deputy Chief of Staff of the Presidential Administration, due to the perceived risk of being hacked by western intelligence.

In Kaspersky’s report, the attack can be traced all the way back to 2019, with iOS 15.7 being the most version that the malware can successfully…

Source…

UK blames Russia for satellite internet hack at start of war



The attack began about an hour before Russia invaded Ukraine, on 24 February. It caused outages for several thousand Ukrainian customers – and affected windfarms and internet users in Central Europe.

Source…