The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) today announced a settlement with Spencer Gifts LLC Flexible Benefits and Welfare Benefit Plans (the Plan), the employer-sponsored group health plan of Spencer Gifts LLC, a national retail company, over potential violations of the Health Insurance Portability and Accountability Act of...

Source

In February 2025, after the Medusa ransomware gang claimed responsibility for an attack on the UK healthcare provider HCRG Care Group, HCRG confirmed it had been breached but would only say it was investigating. While they remained silent, SuspectFile obtained and reported on data provided to them by Medusa. SuspectFiles‘s reporting made it clear that...

Source

Louise Hickey reports: The HSE has been fined €300,000 by the Data Protection Commission (DPC) over a breach of patient’s personal data in 2018 at the Midland Regional Hospital, Tullamore. The Data Protection Commission has announced its final decision on the fine following an inquiry into a ransomware attack on the laboratory information system in...

Source

On June 8, Andrew Simpson reported:  Chelan County entered its third week of system-wide disruptions Monday following a malware incident discovered over Memorial Day weekend, with officials saying they still do not have a timeline for restoring affected systems. According to a June 8 update, county officials became aware of malware affecting the county network...

Source

Shane Fraser reports: A Saskatoon man who allegedly conspired to install malware, steal login credentials, and mine cryptocurrency from American educational institutions is facing extradition to the United States. The cyberattack accusations were levelled against Ryan James Roach in Saskatoon Court of King’s Bench, where he was ordered to be taken into custody to await extradition following...

Source

Mason Lewsey reports: Thousands of Essex patient records were compromised in a cyber attack linked to a major NHS data breach, MSE has confirmed. Mid and South Essex NHS Foundation Trust revealed that around 2,380 patient test records were stolen in the attack, which affected data held by third-party provider Synnovis. The trust operates Southend...

Source

Alice Cooper’s “School’s Out” became the traditional end-of-year song for millions of students since it was first recorded in 1972. But it really is out for summer for Evanston Township High School — at least so far —  because of a ransomware attack. ABC News reports that summer school, sports camps, and on-campus activities are...

Source

There is an update to an arrest made in Greece in November as part of Operation Endgame. Ekathimerini reports: A 39-year-old Albanian national known online as “Venom” was extradited to France in mid-May after his arrest last November at his apartment in the Nikaia district of Athens. The suspect, who described himself as a construction...

Source

Tushar Subhra Dutta reports: Hackers have found a new and alarming way to weaponize one of the most trusted platforms in the AI world. A threat actor linked to North Korea has embedded second-stage malware inside Hugging Face, the widely used AI and machine learning hub, effectively turning it into a malware delivery channel and...

Source

Sergiu Gatlan reports: GitHub has confirmed that roughly 3,800 internal repositories were breached after one of its employees installed a malicious VS Code extension. The company has since removed the unnamed trojanized extension from the VS Code marketplace and has secured the compromised device. “Yesterday we detected and contained a compromise of an employee device...

Source

In August 2025, research agency Bevolkingsonderzoek Nederland revealed that half a million women who had undergone cervical cancer screening had their data stolen. The research agency paid Nova ransomware gang’s demand, which Nova confirmed, but then the criminals turned around and seemingly demanded even more money because the lab had spoken with police. Or at...

Source

From the DOJ’s press release: A Latvian national was sentenced today to 102 months in prison for his role in a major Russian ransomware organization that stole from and extorted over 54 companies. According to court documents, Deniss Zolotarjovs (Денисс Золотарёвс), 35, of Moscow, Russia, was a member of a ransomware organization led by former...

Source

DysruptionHub reports: Kentwood Public Schools said districtwide Wi-Fi was disrupted after a student used malicious software designed to interfere with the school system’s network. The district said outside experts helped isolate the issue, which affected Wi-Fi connectivity across its schools, and that the problems “appear” to have been resolved. Kentwood Public Schools serves students in...

Source

There is an update on the criminal cases against Ryan Goldberg and Kevin Martin, security professionals who turned to the dark side and cut a deal with ALPHV/BlackCat operators to use their ransomware and pay BlackCat 20% of whatever they collected in ransom. From the DOJ’s press release today: Two American cybersecurity professionals were sentenced...

Source

Check Point Researchers recently dug into all three versions of VECT’s ransomware. And what they found should concern anyone who discovers they have been locked by it. From their blog post: Ransomware is supposed to be reversible. The attacker locks your files, holds the key, and returns it when you pay. That’s the business model. VECT’s software...

Source

Data from Japanese firms indicates that paying ransom is unlikely to enable full recovery of encrypted data. Japan Today reports: At least 222 Japanese companies have paid ransomware attackers in the past, yet about 60 percent of them still failed to recover their data, according to a recent survey. Of 1,107 firms that responded to...

Source

Michael Martin reports:  Cherry Health says it is dealing with ongoing technology issues, but days into the disruption, officials have not explained what’s causing them. In a notice posted to their website, the health system said it is “experiencing technology issues across Cherry Health, including our phone system.” Their clinics remain open for scheduled visits....

Source

Kenneth Araullo reports: A single ransomware crew exploiting a single brand of firewall is now driving nearly half of all cyber insurance claims, At-Bay has warned, in a finding that recasts how underwriters and brokers should be thinking about risk selection. The cyber carrier’s 2026 InsurSec Report, drawn from more than 6,500 claims and 100,000...

Source

Oh Seok-min reports: Personal information of around 100,000 customers has been leaked from a golf course, prompting a police investigation, sources said Sunday. The Korean National Police Agency is probing the case after the website of Lee & Lee Country Club in the county of Gapyeong, about 55 kilometers northeast of Seoul, was hacked, with...

Source

From the so-there-they-are! dept Out of sight, out of mind? It seems like ages ago that DataBreaches last reported on the Trigona ransomware group, but it was actually in September 2023. After that, DataBreaches lost track of them, and after a few months, concluded that they had disappeared or disbanded. But a check of ransomlook.io...

Source