Breach Notification , Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime
Client Says Third-Party Administrator Paid for Promise to Destroy Exfiltrated Data Marianne Kolbasuk McGee (HealthInfoSec) • March 24, 2021A third-party claims administrator of health and social services programs for the elderly apparently paid a ransom to Netwalker attackers about a month before global law enforcement officials disrupted the gang in January.
See Also: Live Webinar | Mitigating the Risks Associated with Remote Work
In a breach notification provided to the California attorney general's office, Los Angeles-based Brandman Centers for Senior Care says it was informed on Jan. 23 by its health plan management services vendor, PeakTPA, of a ransomware attack on Dec. 31 affecting data of Brandman program participants.
PeakTPA "paid a ransom on Jan. 2 and received evidence that all information obtained [by attackers] was destroyed on Jan. 3," the Brandman statement notes.
In its own notice posted on its website, St. Louis, Missouri-based PeakTPA says the ransomware attack affected two of its cloud servers.
PeakTPA notes that on Jan. 27, "the criminal group behind the attack, Netwalker, was broken up by the FBI. Its leader was arrested, and its assets were seiz ..
Support the originator by clicking the read the rest link below.