Tag Archive for: probe

Fujitsu Confirms It Was Hacked Via Malware, Says Probe Ongoing


Fujitsu Limited reported that the attack, which exposed employee and customer information, came from malware that impacted an unspecified number of the company’s work PCs.


Tokyo-based Fujitsu Limited Friday said it suffered a data breach, which resulted in files containing customer information that could have been accessed by unauthorized people.

Fujitsu, in the English translation of an online statement, wrote that it confirmed the presence of malware on several of its work computers, and after an internal investigation, found that “files containing personal information and customer information could be illegally taken out.”

“After confirming the presence of malware, we immediately disconnected the affected business computers and took measures such as strengthening monitoring of other business computers. Additionally, we are currently continuing to investigate the circumstances surrounding the malware’s intrusion and whether information has been leaked,” Fujitsu wrote.

[Related: 10 Major Cyberattacks And Data Breaches In 2023]

Fujitsu also said it has reported the breach to Japan’s Personal Information Protection Commission, and that it has yet to receive reports whether information about the company’s personnel or its customers has been misused.

Japan’s Personal Information Protection Commission, the chairman of which is appointed by Japan’s Prime Minister, provides security policies, mediation of complaints, and international cooperation.

So far, based on the statement, it appears that the impact of the breach is limited to Japan, but it could be more widespread.

CRN reached out to Fujitsu for more information, but had not received a response by press time.

Fujitsu is a global electronics and IT manufacturer with 124,000 employees and annual revenue of about $25 billion.

2024 has been a big year for data breaches. The U.S. alone in January saw 336 publicly disclosed security incidents, which according to security provider IT Governance was 7 percent of the world’s total…

Source…

HHS launches probe into UnitedHealth over ransomware attack on subsidiary


The Department of Health and Human services is probing Change Healthcare parent company UnitedHealth amid several weeks of prescription routing backlogs and clinical disruptions that resulted from a crippling ransomware attack late last month, the agency announced Wednesday.

The probe will specifically examine UnitedHealth’s compliance with the Health Insurance Portability and Accountability Act, or HIPPA, that is meant to enforce safeguards for patients’ healthcare data.

The HHS Office of Civil Rights said that it’s in “the best interest of patients and health care providers” to examine the healthcare giant, which provides health insurance services for millions of Americans and participating employers.

“Our immediate focus is to restore our systems, protect data and support those whose data may have been impacted,” UnitedHealth said in a press statement, which adds the company is “working with law enforcement to investigate the extent of impacted data.”

White House officials on Tuesday met with healthcare policy participants and agency heads to discuss the incident, which included UnitedHealth CEO Andrew Witty. 

The cyberattack, claimed by the ALPHV/Blackcat ransomware gang, has roiled Change Healthcare, one of the largest healthcare payment systems in the U.S. The incident has delayed prescription fillings and has led to cash crunches at clinics and other facilities. The disruptions are causing some providers to lose upwards of $1 billion per day in revenues.

Change Healthcare reportedly made a $22 ransom payment to the hackers. Soon after, the cybercrime collective appeared to stage a fake takedown of their site. Analysts expect the group to reemerge under a new name.

Officials this past week rolled out emergency financing plans that would accelerate payments to certain providers and suppliers experiencing shortfalls in funding.

The cyberattack is arguably the most consequential cyberthreat facing a major U.S. healthcare service in recent memory, with some lawmakers including Senate Intelligence Committee Chair Mark Warner, D-Va., ready to introduce legislation to provide for accelerated and advanced payments to providers and vendors affected by future…

Source…

Feds probe $283,000 email hack


Nov. 17—TRAVERSE CITY — A September email hack netting a scammer $283,000 in Medicaid reimbursement funds is now being investigated by the U.S. Dept. of Homeland Security.

“There is an agent out of Grand Rapids doing a forensic investigation,” said Brian Martinus, interim CEO of Northern Lakes Community Mental Health Authority.

“They’re working with Northern Lakes and GTI to see if we can recover some of those assets back to the agency,” Martinus said Thursday during a Northern Lakes board meeting.

Traverse City Police previously confirmed the hacker, falsely posing as a representative of Grand Traverse Industries, emailed Northern Lakes asking for banking information.

An unnamed staffer or staffers with Northern Lakes responded by providing the information, police said, and that’s when the theft took place.

Capt. Keith Gills confirmed Thursday that local police have provided information to the federal agency, and that they’re working together on the case.

Gillis said subpoenas have been issued to area banks, their response has been slow and the federal agent assigned to investigate is likely tracking the hacker’s IP address — internet protocol, or the unique number linked to all online activity.

“They used a computer and that leaves a trail,” Gillis said.

This is the second time Martinus has updated Northern Lakes board members on the case, an example of how leaders say they are focused on improving transparency of an organization that has faced a series of financial and other challenges.

The Northern Michigan Regional Entity, which manages Medicaid funds for Northern Lakes, is essentially functioning as an emergency manager after Northern Lakes in September placed two executives on administrative leave and the human resources officer was fired.

Joanie Blamer, chief operations officer, and Lauri Fischer, chief financial officer, remain on paid leave, pending an investigation, Martinus previously said, adding that the decisions were unrelated to the email hack.

Northern Lakes contracted with a professional advisory firm, Rehmann, to take on the responsibilities of a CFO for $45,000 a month beginning Oct. 1, an agreement provided to the Record-Eagle shows.

Rehmann’s Richard Carpenter…

Source…

iPhone Hacking: Notice sent to Apple, CERT-In has started probe: IT Secretary on hacking attempt threat notification row


iPhone Hacking: The government’s cybersecurity agency CERT-In has started its investigation into the issue of the Apple threat notification received by several opposition MPs, and a notice has been sent to the company, IT Secretary S Krishnan said on Thursday.

The move assumes significance as the Minister of State for Electronics and IT Rajeev Chandrasekhar had earlier this week said that the government wants Apple to clarify if its devices are secure and why ‘threat notifications’ were sent to people in over 150 countries, given the company’s repeated claims about its products being designed for privacy.

The government will investigate the threat notifications and also Apple’s claims of being secure and privacy-compliant devices, Chandrasekhar had penned in a post on X (formerly Twitter) on Tuesday, after several opposition leaders claimed ‘state-sponsored’ attack notification were sent to them from Apple and the government ordered a probe.

IT Minister Ashwini Vaishnaw has categorically rejected the opposition’s attack on the government, saying “compulsive critics” were indulging in the politics of “distraction”, as they could not tolerate the country’s progress under the PM’s Narendra Modi leadership.
On Thursday, S Krishnan, Secretary, IT Ministry confirmed that notice has been sent to Apple.

“CERT-In has started its probe… They (Apple) will cooperate in this probe,” Krishnan told reporters on the sidelines of an event related to the Meity-NSF research collaboration.

Indian Computer Emergency Response Team or CERT-In is the national nodal agency for responding to computer security incidents as and when they occur.

Asked if a notice has been sent to Apple, the IT Secretary answered in the affirmative. Apple did not reply to an email by PTI seeking comments on the notice.

Several opposition leaders on Tuesday claimed they have received an alert from Apple warning them of “state-sponsored attackers trying to remotely compromise” their iPhones and alleged hacking by the government.

Those who received such notifications included Congress chief Mallikarjun Kharge, party leaders Shashi Tharoor, Pawan Khera, K C Venugopal, Supriya Shrinate, T S Singhdeo and Bhupinder S Hooda; Trinamool…

Source…