Fortra’s attack has left companies and individuals scrambling to defend themselves against a new wave of ransomware. The children’s virtual mental health care startup, Sensitivity Corner, was the latest victim to fall prey to the hackers. Sensitivity Corner is a software that helps parents better understand their children’s emotions and reactions. CEO, Bonnie Weissman, said that Fortra’s attack has caused them severe financial losses and disrupted their operations. She added that they are working hard to resume normal services as soon as possible.
At the time of the breach, Brightline was providing electronic health records for Blue Shield of California customers. Infected files included social security numbers, dates of birth, and other sensitive information. In response to the disclosure, Blue Shield has implemented increased security measures across its GoAnywhere tool.
Brightline may have been one of the many companies that endured a data breach in 2018. The company provides therapy and coaching to children, so any stolen or unreleased data could be damaging to its reputation.
Assuming the breach did indeed involve attackers accessing and exfiltrating the personal data of more than 63,000 patients, it is likely that this data was stolen in order to exploit other vulnerabilities that may exist on these individuals’ systems. In light of this information, organizations should take steps to bolster their security measures and ensure that they are fully patched against known security flaws.
As Clop’s dark web leak site says, the gang plans to release the data stolen from Brightline “soon.” This information could be useful to investigators investigating the heist, but it’s unclear when precisely this will happen.
Brightline is facing a data breach that could affect 63,000 individuals. The company has not yet acknowledged the breach, and it’s unclear how many of Brightline’s child users are affected. This suggests that the company may not be taking user security seriously enough.
The Blue Shield of California data breach includes the personal information of at least 78,000 patients. Patients’ names, addresses, dates of birth, gender, Blue Shield subscriber ID numbers, phone numbers, e-mail addresses and plan names and plan group numbers were all compromised in the attack.
While it’s not yet clear what information was accessed by the Clop group, healthcare companies are likely at risk because they hold a lot of personal data about their customers. The Clop group has already targeted other 130 organizations, so it is possible that more healthcare companies will be affected in the future.
Cybersecurity experts warn that healthcare organizations could be vulnerable to attacks due to the recent Fortra vulnerability.HC3, a government-backed center that coordinates security for healthcare organizations, has issued a warning in order to help safeguard against Clop’s attacks. One potential attack vector exploit of the Fortra vulnerability could be via patient data mistreatment or evenunauthorized access to sensitive files stored on healthcare institutions’ systems.
Investissement Québec is the latest target of the group’s cyberattacks, which began in late 2014. The attacks have targeted a variety of organizations andfinancial institutions across North America, Europe and Asia.
As events unfolded, it became clear that Virgin Red’s files may have been affected by a cyber-attack. The company was contacted by Clop, who advised them of the situation and offered to help the company recover their data. However, Virgin Red later discovered that attackers had illegally obtained some of their information through a cyber-attack on their supplier GoAnywhere. This revelation led to tension between Clop and Fortra; while GoAnywhere assured Fortra that Virgin Red’s data was safe, Clop urged the company to take more severe measures in order to protect themselves.
Frequent TechGround questions about Fortra and its business practices go unanswered by the company’s spokespeople. Those who have attempted to get information from the company have been met with silence or dismissals. Whether this is due to a lack of transparency on Fortra’s part or an unwillingness on the part of Devine and Woodford to provide any information is unclear, but it leaves readers with more questions than answers.
