fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Lorien Health Services Discloses Ransomware Attack Affecting Nearly 50,000

Lorien Health Services Discloses Ransomware Attack Affecting Nearly 50,000

Lorien Health Services in Maryland announced that it was the victim of a ransomware incident in early June. Data was stolen and then encrypted during the incident.

Responsible for the attack are Netwalker ransomware operators, who leaked the information after Lorien refused to pay the ransom demand.

Social Security numbers accessed

A family-owned nursing home for the elders, Lorien Health Services runs nine locations in  Baltimore, Carroll, Harford, and Howard counties, as well as a rehabilitation and fitness facility.

The company says that the incident was detected on June 6 and contracted services of cybersecurity experts to start an investigation and determine the impact.

After four days, the verdict was that personal information had been accessed by the hackers and it “may have included residents’ names, Social Security numbers, dates of birth, addresses, and health diagnosis and treatment information.” Employee data was also accessed.

According to the breach notification sent to the Secretary of Health and Human Services, the number of impacted individuals is 47,754.

Although Lorien just announced the breach publicly, Netwalker operators made the incident known in mid-June, publishing screenshots of directory listings with 2020 date stamps and admission records as proof of compromise.

Also read: 12 brief explanation about the benefits of data protection for business success

Netwalker leaks Lorien data

At the moment, some of the data has been dumped online. A password-protected archive of 147MB is currently available via a file-sharing service.

The hackers also published the unlock key for the archive and labeled this cache “Part 1,” indicating that they may leak more data in the future.

Netwalker ransomware operation started under the name Mailto in October 2019 and rebranded in February this year.

Their targets include corporate networks vulnerable to remote desktop hacks but as the Lorien incident shows, they are not picky about who they attack as long as they get paid.

As it typically happens with these attacks, the business informed the FBI and is cooperating with the service providing details that may help catch the perpetrators.

Lorien sent notification letters to “all potentially impacted residents” on June 16, two days after the hackers announced a successful attack. The letters included details about the attack and the options for protecting personal information, along with complimentary credit monitoring and identity protection services.

Also read: Completed DPIA Example: 7 Simple Helpful Steps To Create

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us