This Week in Cybersecurity – 04th March to 08th March UnitedHealth Cyberattack Fallout Stretches Beyond Class Action Lawsuits

Written by Mitchell Langley

March 11, 2024

This Week in Cybersecurity – 04th March to 08th March: UnitedHealth Cyberattack Fallout Stretches Beyond Class Action Lawsuits

UnitedHealth Cyberattack Results in Class Action Lawsuits, Change Healthcare Makes a $22 Million Ransom Payment, Houser LLP and Epic Games Data Breached, OKTA Phishing Continues.


UnitedHealth Cyberattack is ‘A Mess’, Ongoing Fallout Poses Threat to Financial Health of Medical Providers

The ALPHV/BlackCat ransomware attack on UnitedHealth’s Change Healthcare disrupted billing systems. Minnesota providers said claims payments were delayed weeks, causing cash flow issues. Lawsuits followed claiming that UnitedHealth failed to prevent the attack. Pharmacies struggled to submit Medicare claims despite workarounds. Hospitals implemented manual processes but filing claims to insurers remained difficult. Read more

AlphV Received a $22 Million Payment After Change Healthcare Ransomware Attack, the Second Largest Ransom Payment!

Bitcoin blockchain showed a $22 million payment to an AlphV wallet after the Change Healthcare ransomware attack. An AlphV affiliate claimed this came from Change Healthcare but they were unpaid. Researchers have traced the wallet to AlphV. The large sum worries about encouraging more healthcare attacks. Read more

American Express Data Breach Exposed Credit Card Data and Personal Information of Customers

American Express notified customers of a breach at a third-party merchant processor compromising credit card numbers, names and expiration dates. While American Express systems avoided direct access, notifications advise monitoring statements for fraudulent activity over 12-24 months. Specific breach details remain unspecified, but American Express has responded by notifying regulators and potentially reissuing cards. Read more

City of Hamilton Hit by Ransomware Attack

A ransomware attack disrupted many of Hamilton city’s services for over a week by shutting phone lines, council work and apps. Officials are working with cybersecurity experts but won’t confirm the ransom amount or attackers’ location. Impacted services include engineering, libraries, health programs and transit operations. Personal data is believed uncompromised as police continues investigation. Read more

Class Action Lawsuits Follow Houser LLP Data Breach

A class action lawsuit was filed against Houser LLP for its May 2023 data breach. The lawsuit alleges the firm’s delay in notifying affected individuals of over 10 months caused time and money costs. It seeks class certification for negligence related to securing files exposed to hackers. The complaint says Houser became aware after discovering encrypted files and stolen personal information. The “McMillen v. Houser LLP” federal case seeks damages for negligence. Read more

Ukraine Claims Russian Defense Ministry Hacked by GUR

The Ukrainian GUR claims to have breached Russian MOD servers through a “special operation”, acquiring secret documents including orders, reports and organizational structures. They obtained information on 2000 units and key personnel within the MOD software systems. Screenshots were provided as evidence but Russian MOD authentication was not verified. The GUR has asserted other Russian breaches in the past but provided no claims of data destruction here. Read more

Fortnite game Developer Epic Games Breached by Mogilevich Ransomware

A new ransomware group called Mogilevich claimed to breach Epic Games, obtaining 189GB including emails, passwords, payment data and source code. They offered the data for sale by March 4th but provided no evidence. Epic found no breach evidence after investigating and contacted Mogilevich, who only offered evidence in exchange for money. Read more

‘UNC1945’ Uses GTPDOOR Linux Malware to Target Mobile Operators

The threat actor group UNC1945 developed a new Linux backdoor called GTPDOOR targeting mobile carrier networks. It utilizes GPRS protocol to covertly communicate and targets core network devices like SGSN, GGSN and P-GW. GTPDOOR has capabilities to alter configs, run commands and uses encrypted keys and IP filtering for stealth. Read more

Hackers Leverage Okta Phishing Attacks to Target FCC and Popular Crypto Firms

Hackers are using a sophisticated phishing kit called CryptoChameleon to target the FCC and crypto firms like Binance, Coinbase etc. via Okta phishing. The kit creates realistic Okta login pages using domains similar to legitimate ones. Victims receive social engineering emails, texts or calls before being directed to phishing pages. The logs showed over 100 victims compromised. The kit remains active targeting more credentials each hour. Read more

Related Articles

Daixin Ransomware Claims Omni Hotels Cyberattack

Daixin Ransomware Claims Omni Hotels Cyberattack

The Daixin Team ransomware gang has taken responsibility for a recent cyberattack on Omni Hotels & Resorts and is currently issuing threats to publish sensitive customer information unless a ransom is paid. This development comes after the hotel chain experienced...

Stay Up to Date With The Latest News & Updates

Join Our Newsletter

 

Subscribe To Our Newsletter

Sign up to our weekly newsletter summarizing everything thats happened in data security, storage, and backup and disaster recovery

You have Successfully Subscribed!