Final Rule Aligns 42 CFR Part 2 with HIPAA and HITECH – Troutman Pepper
Final Rule Aligns 42 CFR Part 2 with HIPAA and HITECH Troutman Pepper
Abyde Revolutionizes HIPAA Compliance for Business Associates with Innovative Cloud-Based Solution – BNN Breaking
Lawsuit: AHA Challenges HHS Over HIPAA Concerns – Telehealth.org | Professional Training & Consultation
Lawsuit: AHA Challenges HHS Over HIPAA Concerns Telehealth.org | Professional Training & Consultation
HIPAA Updates: The Obligations Continue to Unfold – Baker Donelson
HIPAA Updates: The Obligations Continue to Unfold Baker Donelson
Abyde Launches HIPAA for Business Associates Software: Simplifying Compliance for Business Associates in – EIN News
HHS Final Rule Brings Sweeping, Complex Changes for Substance Use Records – JD Supra
Boss of Gang Behind Attack on University of Vermont Medical Center Facing 40 Years in Jail – HIPAA Journal
Boss of Gang Behind Attack on University of Vermont Medical Center Facing 40 Years in Jail
A Ukrainian man accused of leading racketeering groups who conspired to infect thousands of business computers with malware has pleaded guilty in federal court in Nebraska to one count of conspiracy to commit wire fraud and one count of conspiracy to break U.S. anti-racketeering laws. One of the victims, the University of Vermont Medical Center, was infected with ransomware resulting in IT systems being taken offline for more than two weeks. The attack prevented the medical center from providing critical patient services for more than two weeks. The Department of Justice said the attack on the medical center created a risk of death or serious bodily injury for patients and cost the medical center more than $30 million.
Vyacheslav Igorevich Penchukov, 37, aka Vyacheslav Igoravich Andreev and known online as Tank and Father, was accused of leading two cybercriminal groups, JabberZeus and IcedID, between 2009 and 2021. JabberZeus distributed the Zeus banking trojan and IcedID distributed the IcedID banking trojan. Both of these popular malware variants were used to steal usernames, passwords, and other information that allowed access to be gained to online bank accounts.
According to the Department of Justice, “Penchukov and his co-conspirators then falsely represented to banks that they were employees of the victims and authorized to make transfers of funds from the victims’ bank accounts, causing the banks to make unauthorized transfers of funds from the victims’ accounts, resulting in millions of dollars in losses to the victims.” The groups then hired money mules in the United States to receive the fraudulent transfers, withdraw the funds, and then wire the money to overseas accounts under the control of Penchukov and his co-conspirators.
Penchukov was indicted in 2012 for his role in the JabberZeus group and was placed on the Federal Bureau of Investigation’s (FBI) Most Wanted List, where he remained for almost a decade. While on the FBI’s Most Wanted List, Penchukov led the IcedID gang from November 2018 to February 2021. IcedID also infected devices with malware to steal banking information. The IcedID trojan could also be used to deliver other malware payloads, including ransomware, as was the case with the attack on the University of Vermont Medical Center in October 2020.
Penchukov was arrested in Switzerland in 2022 and was extradited to the United States in 2023. On February 15, 2024, Penchukov appeared in court in Lincoln, Nebraska, and pleaded guilty to one count of conspiracy to commit a Racketeer Influenced and Corrupt Organizations (RICO) Act offense for his role in the JabberZeus gang, and one count of conspiracy to commit wire fraud for his role in the IcedID group. Penchukov faces a maximum of 40 years in jail – up to 20 years for each count – and will be sentenced on May 9, 2024.
The post Boss of Gang Behind Attack on University of Vermont Medical Center Facing 40 Years in Jail appeared first on HIPAA Journal.