At a glance.
- Healthcare data exposed in Adaptive Health data breach.
- No better time to schedule that dental check-up.
- Royal Army recruitment system still down after data leak.
Healthcare data exposed in Adaptive Health data breach.
Adaptive Health Integrations of Williston, a healthcare software and billing services provider based in the US state of North Dakota, sustained a cyberattack that impacted over half a million clients. SecurityWeek reports that the attack, which took place last October, was reported to federal government authorities earlier this month. In a press release, the company stated that the compromised data potentially included names, dates of birth, contact information, and Social Security numbers, but not all patients were impacted and not all of that data was exposed for each individual impacted. “Upon learning of the issue, we contained the threat by disabling unauthorized access to our network and commenced a prompt and thorough investigation with assistance from external cybersecurity professionals,” Adaptive Health has stated.
No better time to schedule that dental check-up.
The American Dental Association (ADA), the people behind those labels guaranteeing your toothpaste is doing its job, suffered a cyberattack on Friday, and ransomware gang Black Basta has taken credit. The attack led the ADA to shut down parts of its network, disrupting the operation of assorted online services, telephones, email, and webchat systems, as well as the websites of affiliated state dental associations that rely on the ADA for online support. Though the ADA initially told Bleeping Computer they were just experiencing technical difficulties, an email sent to members explains, “On Friday, the ADA fell victim to a cybersecurity incident that caused a disruption to certain systems, including Aptify and ADA email, telephone and Web chat. Upon discovery, the ADA immediately responded by taking affected systems offline and commenced an investigation into the nature and scope of the disruption…Federal law enforcement has been notified and we are cooperating with them in this active investigation, so we ask for your understanding that we must limit the amount of detail that we can share at this time.” Despite the ADA’s claims that there is no evidence that any member data was compromised, Black Basta has published 2.8GB of data they say they obtained during an attack. Screenshots indicate the data include W2 forms, NDAs, accounting spreadsheets, and ADA member info.
Royal Army recruitment system still down after data leak.
The UK Royal Army’s Defense Recruitment System (DRS), powered by IT outsourcing firm Capita, continues to experience technical difficulties more than a month after it was shut down in response to a cyberincident that possibly resulted in the theft of candidate data. Screenshots of data related to approximately one hundred twenty recruits was published on the dark web, but it’s unclear whether the system was hacked or if the threat actors merely obtained a screen-grab or printout of the info. An army spokesperson told the Guardian, “Following the compromise of a small selection of recruit data, the army’s online recruitment services were temporarily suspended pending an investigation. This investigation has now concluded allowing some functionality to be restored and applications to be processed.” While the timing of the incident coinciding with the war in Ukraine has some experts wondering if Russia could be behind the attack, Ministry of Defense sources have declined to comment on the possible perpetrators. Though the internal DRS network has been restored, the external online portal is still down, forcing the army to resort to using emergency systems to process candidate recruitment for the last five weeks. The Information Commissioner’s Office is aware of the incident, but has stated, “after making inquiries and carefully reviewing the information provided, we decided no further action was needed at this time.”