Viewing entries tagged
ransomware

Ransomware attack on Sacramento Bee database exposes 19.5M California voter records

The Sacramento Bee deleted two databases hosted by a third party after a ransomware attack exposed the voter records of 19.5 million California voters and contact information for 53,000 current and former subscribers to the newspaper.

The paper refused to pay the hackers' demand for a bitcoin ransom and is notifying subscribers whose information was affected, according to its publisher Gary Wortel, who also serves as west regional publisher at parent company McClatchy.

The Sacramento Bee said in a statement that a firewall protecting its database was not restored during routine maintenance last month, leaving the 19,501,258 voter files publicly accessible for two weeks. Additionally, the names, home addresses, email addresses, and phone numbers of 52,873 Sacramento Bee subscribers, who activated their digital accounts prior to 2017, were compromised.

Indiana Health System Pays $47,000 Ransom to Unlock Patient Data

Indiana hospital system, Hancock Health, said it paid hackers 4 bitcoin, or about $47,000, to unlock it’s network after a ransomware attack on January 11, 2018.

Hackers compromised a third-party vendor’s administrative account to the hospital’s remote-access portal and launched SamSam ransomware, a ransomware variant which encrypts data files on the systems and uses a private key to unlock them. It quickly infected the hospital’s IT system by locking out data and changing the names of more than 1,400 files to "I'm sorry."