Ohio-based healthcare provider Kettering Health cancelled patient procedures and appointments following a cyberattack that crippled its systems. The non-profit, which operates 14 hospitals and over 100 outpatient facilities across the state, confirmed the incident on Tuesday, May 20.
The cyberattack significantly impacted Kettering Health’s call centers and patient care systems, prompting the cancellation of both elective inpatient and outpatient procedures. The organization assured patients that affected appointments would be rescheduled and updates would follow.
“Our call center is also down and may be unreachable at this time,” the company stated, urging patients to remain alert to phishing scams. Kettering Health warned that scammers might attempt to exploit the situation and emphasized that it would temporarily suspend phone-based payment requests as a precaution.
According to CNN, the ransomware group Interlock has claimed responsibility for the attack. The group threatened to leak sensitive data unless a ransom is paid, stating, “Your network was compromised, and we have secured your most vital files.”
Interlock, an emerging ransomware gang active since late 2024, has gained notoriety with a string of attacks—16 confirmed and 17 unverified, according to Rebecca Moody, head of data research at Comparitech. The group previously breached DaVita, a national kidney care provider, and recently targeted a school network in West Lothian, Scotland, leaking 3.3 million files online.
Kettering Health continues to assess the damage and work toward restoring systems while cooperating with authorities.
Stay ahead of emerging cybersecurity threats. For the latest insights and updates on cloud security, follow SOC News.
News Source: ITPro.com
Emera Inc. and Nova Scotia Power today announced, on April 25, 2025 they discovered and are actively responding to a cybersecurity incident involving unauthorized access into certain parts of its Canadian network and servers supporting portions of its business applications.
Immediately following detection of the external threat, the companies activated their incident response and business continuity protocols, engaged leading third-party cybersecurity experts, and took actions to contain and isolate the affected servers and prevent further intrusion. Law enforcement officials have been notified.
There remains no disruption to any of our Canadian physical operations including at Nova Scotia Power’s generation, transmission and distribution facilities, the Maritime Link or the Brunswick Pipeline, and the incident has not impacted the utility’s ability to safely and reliably serve customers in Nova Scotia. There has been no impact to Emera’s U.S. or Caribbean utilities.
Emera will release its Q1 Financial Statements and Management Disclosure and Analysis on May 8, 2025, as planned. At this time, the incident is not expected to have a material impact on the financial performance of the business.
Our IT team is working diligently with cyber security experts to bring the affected portions of our IT system back online.
Nova Scotia Power customers can find the latest updates at nspower.ca.
Forward Looking Information
This news release contains forward-looking information within the meaning of applicable securities laws, including without limitation, statements about Emera’s response to and the scope and impacts of the cybersecurity incident, the level of disruption and expectations about its impact on financial performance and timing of financial reporting. Undue reliance should not be placed on this forward-looking information, which applies only as of the date hereof. These statements and expectations may be impacted by a number of factors including availability of resources and continued analysis of our systems and the disruptions being experienced. By its nature, forward-looking information requires Emera to make assumptions and is subject to inherent risks and uncertainties. These statements reflect Emera management’s current beliefs and are based on information currently available to Emera management. There is a risk that predictions, forecasts, conclusions and projections that constitute forward-looking information will not prove to be accurate, that Emera’s assumption may not be correct and that actual results may differ materially from such forward-looking information. Additional detailed information about these assumptions, risks and uncertainties is included in Emera’s securities regulatory filings, including under the heading “Enterprise Risk and Risk Management” in Emera’s annual Management’s Discussion and Analysis, and under the heading “Principal Financial Risks and Uncertainties” in the notes to Emera’s annual and interim financial statements, which can be found on SEDAR+ at www.sedarplus.ca.
Stay updated with SOC News for cutting-edge security innovations and expert industry insights!
The media company Lee Enterprises said a “cybersecurity event” had created havoc at dozens of its newspapers, prompting some to publish shorter editions or not print at all.
Newspapers across the country owned by the news media company Lee Enterprises were unable to print, had problems with their websites and published smaller issues after a cyberattack last week, the company said.
In a statement emailed on Sunday, Lee Enterprises said that the company was facing disruptions to its daily operations because of a “cybersecurity event,” and that it had notified law enforcement.
Lee Enterprises is the parent company of more than 70 daily newspapers, such as The St. Louis Post-Dispatch, and nearly 350 weekly and specialty publications in 25 states, including Alabama, New York and Oregon. The company did not say how the attack happened or who was behind it.
We are now focused on determining what information — if any — may have been affected by the situation,” the company said.We are working to complete this investigation as quickly and thoroughly as possible, but these types of investigations are complex and time-consuming, with many taking several weeks or longer to complete.
Stay updated with SOC News for cutting-edge security innovations and expert industry insights!
Source :https://www.nytimes.com/2025/02/09/business/media/newspaper-cyberattack-lee-enterprises.html
U.S. engineering firm ENGlobal has confirmed that hackers accessed “sensitive personal information” from its systems during a November 2024 cyberattack.
ENGlobal, which provides engineering and automation services to the federal government and critical infrastructure organizations, said in an updated 8-K filing with the U.S. securities regulator on Monday that hackers subsequently “encrypted some of its data files,” implying the incident was related to ransomware. The company said some of its business applications — including financial reporting systems — were offline for about six weeks.
The Houston, Texas-based company hasn’t yet said how many individuals are affected by the breach or what types of data were accessed, but said it will notify those affected. ENGlobal did not immediately respond to TechCrunch’s questions.
In its updated filing, ENGlobal says that its operations have been “fully restored” following its cyberattack. The company says it believes the threat actor, who has not yet been named, no longer has access to its IT systems.
Stay updated with SOC News for cutting-edge security innovations and expert industry insights!
