SecurityWeek reports that 34 healthcare providers and insurance carriers have been impacted by a data breach that hit OneTouchPoint, a mailing and printing services provider.
Wisconsin-based OneTouchPoint disclosed that it had been impacted by a ransomware attack in late April, resulting in the compromise of system-stored personally identifiable information from its customers, including names, birthdates, addresses, member IDs, service dates, service description, diagnosis codes, and health evaluation data, with one customer also having Social Security numbers compromised.
The Blue Shield of California Promise Health Plan and the Arkansas Blue Cross and Blue Shield have already notified patients regarding the intrusion after being made aware of the impact of the OneTouchPoint ransomware attack on their subcontractor Matrix Medical Network.
However, details regarding the total number of individuals who may have been affected remain lacking. There has also been no information from OneTouchPoint regarding the kind of ransomware used in the attack.
Operations of California's Solano Partner Libraries and St. Helena, or SPLASH, continue to be interrupted weeks after the county's library network was targeted by a ransomware attack earlier this month, StateScoop reports.
Several rootkit-like capabilities could be obtained by threat actors through the exploitation of vulnerabilities in Windows' DOS-to-NT path conversion process, including file and process concealment and compromised prefetch file analysis, reports The Hacker News.
Open-source DevOps software project GitLab has also been impacted by the same security issue in GitHub comments that has been exploited by threat actors through Microsoft repository-linked URLs to facilitate the distribution of malware that was made to seem to originate from credible entities' official source code repositories, according to BleepingComputer.