Cyber Attacker Sentenced to 10 Years for Major Data Breaches Targeting Healthcare Providers

A man in Idaho going by the aliases of "Lifelock," "Studmaster," and "Studmaster1” has been sentenced to 10 years in prison after pleading guilty to targeting multiple healthcare providers in a series of cyberattacks.  

The data breaches happened after the perpetrator obtained medical office credentials from the dark web in Summer 2017.  

The initial target was a medical clinic in Georgia, where he successfully obtained the personal identifying information of over 43,000 individuals.

Massachusetts Accounting Firm Pays Ransom to Protect Data of Nearly 40,000 Residents After Cyber Breach

In January 2024, an accounting firm in north-central Massachusetts learned that data had been exfiltrated from its server network, and the perpetrator was demanding ransom for its deletion. 

According to a letter sent to the Attorney General of New Hampshire, the firm worked with the FBI to determine that the perpetrator was a legitimate threat actor, and negotiated paying their ransom.

Kaseya Report: Human Error Triples as Cybersecurity Threats Rise

By focusing on their employees, organizations can better protect themselves against ever-evolving cyber threats, according to the Kaseya Cybersecurity Survey Report 2024: Navigating the New Frontier of Cyber Challenges.

“The human element continues to be the weakest link in cybersecurity,” the report states.

Spoofed Website Causes Massachusetts Payroll Shutdown

In early October, the Commonwealth of Massachusetts’ payroll system became compromised due to a credential harvesting campaign, a cyberattack technique where attackers steal personal or financial data from users. The system was effectively shut down and unavailable to employees for a number of days.

Aramark Employees Victim to Payroll Heist

Aramark, a giant in the service industry, recently found itself in the middle of a digital heist. At the end of the Summer, Aramark discovered that cybercriminals had crafted a fake payroll website to trick employees into handing over their login details.

Providence Public Schools Hit by Ransomware Attack

A ransomware group known as Medusa has allegedly breached Providence Public Schools, exfiltrating 201.4GB of data. The group demanded a ransom of $1,000,000 with a deadline of September 25th, according to HackManac, a Twitter account dedicated to maintaining a repository of verified cyberattacks.

#Protect2024: Ensuring Election Security

With election security being a top priority, The Cybersecurity & Infrastructure Security Agency (CISA) is stepping up its game to ensure the integrity of the nation's elections infrastructure with #Protect2024, which states on its website that its mission is to “Help election officials and election infrastructure stakeholders protect against the cyber, physical, and operational security risks to election infrastructure during the 2024 election cycle.

Flint, Michigan latest municipality hit by Ransomware

The City of Flint, Michigan, was hit by a ransomware attack on August 14, 2024, that disrupted its network and internet service. The attackers demanded a ransom to restore the system, but the city refused to pay. The FBI and the Attorney General's Office are investigating the incident, while the city's IT department is working with cyber security experts to recover the data and restore the service.