More than 460,000 patients, employees, and vendors had their data compromised following a ransomware attack against Pennsylvania-based nonprofit health provider Maternal & Family Health Services, according to TechCrunch.
Such a ransomware attack was initially disclosed by MFHS only last week even after being aware of the incident since April and noting that compromise may have begun as early as August 2021, with a newly released Maine Attorney General's Office notification stating that 461,070 individuals have been impacted.
Data breach notification letters sent by MFHS to affected individuals detailed that sensitive data including names, birthdates, addresses, Social Security numbers, driver's license numbers, usernames and passwords, health insurance and medical details, and credit and debit card numbers have been accessed by still unknown attackers.
MFHS has not confirmed whether it paid any demanded ransoms, as well as disclosed the reason why it put off an earlier disclosure of the cyber incident.
No ransomware operation has also admitted to being behind the attack.
Operations of California's Solano Partner Libraries and St. Helena, or SPLASH, continue to be interrupted weeks after the county's library network was targeted by a ransomware attack earlier this month, StateScoop reports.
Several rootkit-like capabilities could be obtained by threat actors through the exploitation of vulnerabilities in Windows' DOS-to-NT path conversion process, including file and process concealment and compromised prefetch file analysis, reports The Hacker News.
Open-source DevOps software project GitLab has also been impacted by the same security issue in GitHub comments that has been exploited by threat actors through Microsoft repository-linked URLs to facilitate the distribution of malware that was made to seem to originate from credible entities' official source code repositories, according to BleepingComputer.