UnitedHealth Cyberattack Results in Class Action Lawsuits, Change Healthcare Makes a $22 Million Ransom Payment, Houser LLP and Epic Games Data Breached, OKTA Phishing Continues.
UnitedHealth Cyberattack is ‘A Mess’, Ongoing Fallout Poses Threat to Financial Health of Medical Providers
The ALPHV/BlackCat ransomware attack on UnitedHealth’s Change Healthcare disrupted billing systems. Minnesota providers said claims payments were delayed weeks, causing cash flow issues. Lawsuits followed claiming that UnitedHealth failed to prevent the attack. Pharmacies struggled to submit Medicare claims despite workarounds. Hospitals implemented manual processes but filing claims to insurers remained difficult. Read more
AlphV Received a $22 Million Payment After Change Healthcare Ransomware Attack, the Second Largest Ransom Payment!
Bitcoin blockchain showed a $22 million payment to an AlphV wallet after the Change Healthcare ransomware attack. An AlphV affiliate claimed this came from Change Healthcare but they were unpaid. Researchers have traced the wallet to AlphV. The large sum worries about encouraging more healthcare attacks. Read more
American Express Data Breach Exposed Credit Card Data and Personal Information of Customers
American Express notified customers of a breach at a third-party merchant processor compromising credit card numbers, names and expiration dates. While American Express systems avoided direct access, notifications advise monitoring statements for fraudulent activity over 12-24 months. Specific breach details remain unspecified, but American Express has responded by notifying regulators and potentially reissuing cards. Read more
City of Hamilton Hit by Ransomware Attack
A ransomware attack disrupted many of Hamilton city’s services for over a week by shutting phone lines, council work and apps. Officials are working with cybersecurity experts but won’t confirm the ransom amount or attackers’ location. Impacted services include engineering, libraries, health programs and transit operations. Personal data is believed uncompromised as police continues investigation. Read more
Class Action Lawsuits Follow Houser LLP Data Breach
A class action lawsuit was filed against Houser LLP for its May 2023 data breach. The lawsuit alleges the firm’s delay in notifying affected individuals of over 10 months caused time and money costs. It seeks class certification for negligence related to securing files exposed to hackers. The complaint says Houser became aware after discovering encrypted files and stolen personal information. The “McMillen v. Houser LLP” federal case seeks damages for negligence. Read more
Ukraine Claims Russian Defense Ministry Hacked by GUR
The Ukrainian GUR claims to have breached Russian MOD servers through a “special operation”, acquiring secret documents including orders, reports and organizational structures. They obtained information on 2000 units and key personnel within the MOD software systems. Screenshots were provided as evidence but Russian MOD authentication was not verified. The GUR has asserted other Russian breaches in the past but provided no claims of data destruction here. Read more
Fortnite game Developer Epic Games Breached by Mogilevich Ransomware
A new ransomware group called Mogilevich claimed to breach Epic Games, obtaining 189GB including emails, passwords, payment data and source code. They offered the data for sale by March 4th but provided no evidence. Epic found no breach evidence after investigating and contacted Mogilevich, who only offered evidence in exchange for money. Read more
‘UNC1945’ Uses GTPDOOR Linux Malware to Target Mobile Operators
The threat actor group UNC1945 developed a new Linux backdoor called GTPDOOR targeting mobile carrier networks. It utilizes GPRS protocol to covertly communicate and targets core network devices like SGSN, GGSN and P-GW. GTPDOOR has capabilities to alter configs, run commands and uses encrypted keys and IP filtering for stealth. Read more
Hackers Leverage Okta Phishing Attacks to Target FCC and Popular Crypto Firms
Hackers are using a sophisticated phishing kit called CryptoChameleon to target the FCC and crypto firms like Binance, Coinbase etc. via Okta phishing. The kit creates realistic Okta login pages using domains similar to legitimate ones. Victims receive social engineering emails, texts or calls before being directed to phishing pages. The logs showed over 100 victims compromised. The kit remains active targeting more credentials each hour. Read more
