September 29, 2023

The Canadian Nurses Affiliation (CNA) confirmed that it’s working with its members to answer a leak of delicate knowledge stolen by a bunch of hackers earlier this yr.

A spokesperson for the affiliation, which represents practically half 1,000,000 nurses throughout the nation, informed Recorded Future Information it skilled a safety incident on April 3 hat didn’t affect operations however did have an effect on a few of its techniques.

“We instantly launched an investigation and engaged main third-party consultants to help our efforts. As a precautionary measure, we notified the suitable legislation enforcement authorities,” the spokesperson mentioned.

“We now have since accomplished our investigation into the incident and any members impacted by this incident are being notified accordingly. We’re participating with our members and dealing intently with our industry-leading companions to implement enhanced safety measures to guard our techniques, and to stop such a incident sooner or later.”

Two totally different ransomware teams — Snatch and Nokoyawa — took credit score for the assault in Might. However on September 1, the Snatch group, which has since claimed to shift completely to knowledge exfiltration and extortion with out ransomware, leaked 37 GB of data from CNA.

There was confusion in regards to the group’s operations since a Telegram channel was created in July by a bunch with the identical title. The group confirmed to Databreaches.web that it didn’t use ransomware throughout its assault on CNA. Later within the interview, they gave conflicting solutions about whether or not their extortion operation was related to the long-running ransomware group or not.

The group later wrote on Telegram that it’s totally different from the ransomware gang of the identical title, however DataBreaches.web famous that the 2 allegedly distinct teams use the identical URL for his or her leak websites.

South Africa denies Snatch assault

The identical Snatch hacking group just lately claimed to have attacked South Africa’s protection division, leaking troves of delicate paperwork in regards to the nation’s navy and senior leaders.

A number of authorities spokespeople didn’t reply to repeated requests for remark however beforehand informed native information retailers that they weren’t hacked.

In a press release published on Twitter final week, the South African Nationwide Protection Power mentioned it carried out an investigation into the incident.

“It may be confirmed the system of the Division of Defence has not been hacked. That is the work of legal syndicates inside the our on-line world aided by means of data leaked from the Division,” spokesperson Siphiwe Dlamini wrote.

“The Division of Defence has insurance policies in place that prohibits unauthorized entry and sharing of labeled data. The investigation continues and perpetrators can be dropped at e book. The Division assures South Africans that our techniques are secured and measures have been put in place to make sure that the state data shouldn’t be compromised.”

Snatch has spent weeks boasting of the incident, telling a number of South African information retailers that it stole 1.6 terabytes of knowledge in the course of the six months they allegedly spent inside the Protection Division’s techniques. A number of retailers confirmed that at the very least a number of the knowledge leaked by Snatch is legit.

Get extra insights with the

Recorded Future

Intelligence Cloud.

Be taught extra.

Jonathan Greig

Jonathan Greig is a Breaking Information Reporter at Recorded Future Information. Jonathan has labored throughout the globe as a journalist since 2014. Earlier than transferring again to New York Metropolis, he labored for information retailers in South Africa, Jordan and Cambodia. He beforehand coated cybersecurity at ZDNet and TechRepublic.