Hacker group targeted law firms, released veterans’ stolen data related to PTSD claims

| February 19, 2020


Information frIom veterans’ PTSD claims was released in a recent data breach.

Hackers are one of the planet’s lowest life forms, and should be painfully eradicated most ricky tick. Skippy sends us the latest privacy violation by hackers targeting veteran’s medical records. This particular group of jackwagons is demanding ransom for hacked data recovery. There are about a brazillion blue crabs just starting to wake up in the Chesapeake Bay, and damn they are hungry.

Read on.

By Dylan Gresik

Hackers have gained access to sensitive data from at least five law firms in the past four months, releasing stolen data that includes pain diary entries from veterans’ personal injury cases, Emsisoft, a cybersecurity and anti-malware company, told Military Times.

Maze, a hacking and ransomware group, has breached several law firms, local government databases and other companies, demanding payments for data recovery and deletion. The posted information includes VA documents, patient care records, legal fee agreements and privacy consent forms.


Screenshot of a VA claims document released in a data dump by hacking group Maze as part of a ransomware attack against U.S. law firms. (Screenshot/Brett Callow)

Two of those hacks targeted Texas-based law firm Baker Wotring in November and Woods and Woods LLC in Evansville, Indiana, this month, the Evansville Courier & Press reported.

Woods and Woods is a nationwide disability benefits firm that deals with U.S. Department of Veterans Affairs litigation.

“[Woods and Woods LLC] has notified the FBI and has taken and continues to take prompt action to contain the incident, mitigate its effects, and fully investigate,” said Neil Woods in an emailed statement to Military Times. “The firm is able to continue conducting its business since it had backups in place. The firm will provide additional information to its clients as the investigation continues.”

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Maze hacks an organization’s servers, notifies them of the breach and demands ransom payments to prevent data dumps, according to Brett Callow, a threat analyst with Emsisoft. If the group does not receive payment, it will publish small amounts of compromised data — “proofs” — online, accessible to anyone with internet access.

The group has previously demanded payments ranging from $1 million to several million dollars, and if payment is not received, Maze will release additional sensitive data on a staggered basis, Callow explained. Maze has already released a portion of personal documents from Woods and Woods, and the group claims to have more

Thanks Skippy. Read the rest here:Military Times

Category: Crime, Exploitation, Guest Link

Comments (24)

Trackback URL | Comments RSS Feed

  1. Skippy says:

    Absolutely Amazing,
    ones PII isn’t safe anywhere Anymore
    I personally don’t have to worry about This
    I feel sorry for those that do
    Uncle Sam gave all of my PII
    away a few years ago sent me a nice two page
    Letter and free credit monitoring

  2. 26Limabeans says:

    I have long considred my VA file to have been compromised.

    While renewing my drivers license recently I was asked if
    I wanted my license to indicate I was a veteren.
    Of course I replied “no” to which the clerk looked puzzled.
    Having lived through the 70’s and 80’s as a Viet of the Nam
    veteran that could explode at any moment I learned to keep
    all that secret lest I be institutionalized.
    Can you imagine being pulled over back then only to have
    the cop realize all this when they see that “V” on the card?

    Yeah, I’m being a little bit sarcastic about it…now.
    It was dead serious business back then and you younger vets
    would do well to keep that “scarlet letter” off your license.
    If you think it will somehow gain respect from whomever
    views it then go for it. You will be disappointed.

    Uh-oh. I called it a scarlet letter… I’m gonna take flak.

    • Comm Center Rat says:

      I’m a post-Vietnam era veteran and I agree with you 26L. The only item I own identifying me as a veteran is my retired military ID card. As a consumer in the ranks of the Free Shit Army I don’t leave home without it.

      Later this morning I’ll go shopping at the local warehouse store. I always marvel at the colorful display of militaria being worn by “veterans.” Over the last decade I’ve seen an Army division equivalent of “Vietnam vets” in those aisles. It seems those gray loons get more patriotic with age and love talking about when they “fought for this country.” ‘Cause they love ‘Murica and damn it somebody had to do it!

      • Anonymous says:

        Like the panhandler outside the Walmart on Skibo outside Bragg who updates his “old Army pants” from BDU to ACU to OCP…

      • Twist says:

        The only thing I have besides my blue ID card is my disabled vet plates. The only reason I have those plates is that they were free and they don’t ever expire.

  3. 5th/77th FA says:

    Let’s see if I got this right. The more the Blue Crab eat, the bigger they get, correct? And the bigger they are the more crab cakes we can grill? My only question left is do we use Dave’s boat to deliver the crab’s food or do we make them do a HANO from an aerial delivery platform?

    Anybody DON’T think that everything to be known about you is already known give me a call. I got a real nice bridge leading to some ocean front property to interest you in. They say Nebraska is nice this time of year.

    • AW1Ed says:

      5/77, steaming is the preferred method of dispatching/cooking crabs. They likely would take umbrage being placed on a grill, and scatter off all over the patio, very pissed off.
      *grin*
      I suppose one could grill a soft-shell, but I like mine pan fried in butter.

      • 5th/77th FA says:

        I had in mind some of them “grilled” crab cakes that you have posted the menu on Thursday are for cooking. I does like them steamed, but them thar “grilled” cakes was the kitty kat’s jammies.

        On one of my trips thru the PDRofMD, we stopped at the Chesapeake Bay Seafood House. They had an all you can eat Shrimp and Crab Legs deal. The Manager finally had to come out and tell us “You’ve had all you can eat.” Good times.

    • The Stranger says:

      AS TO the delivery method, since I am a Catholic (very lapsed), I suggest we canonize them! As in load them into a cannon and launch them into Chesapeake Bay.
      Also, KOB, that bridge you be tryin’ to sell isn’t yours…it’s MINE!

      • 5th/77th FA says:

        Hey, I’m down with cannonizing these dirtbags. Be a cast iron bitch to get all of the slime they’ll leave out of the tubes. That could be a chore for ol’ Ricky Wayne Jowers. After all, he was in a “self perpeled” arty unit and an 8 inch would be easier to clean than a 106 howtizer. And from what we understand, he’s not doing too much lately.

        Now, about that bridge. You know that Kelly, his Heroes, the Band, and I sto…err WON that Bailey fair and damn square in that card game with Oddball and Crap Shoot. Just cause y’all Engineers didn’t get to the bank in time doesn’t negate the fact that the bridge is still ours. Here, have some more crab cakes and a cold Yuengling. It’ll feel better when it quits hurting so bad.

  4. Ret_25X says:

    Operate as if all your financial, medical, and court information is public record. Because it is.

    IT security is a farce at best and unmitigated disaster at worst for two very good reasons:

    1. IT users hate to follow rules
    2. Security has to be right all of the time while the hacker only has to stumble in once.

    • 26Limabeans says:

      “Operate as if all your financial, medical, and court information is public record. Because it is”

      Concur. The DMV knows everything about you.
      They are like a state version of the NSA.
      That is why they will give a license to anyone.
      Data colllection under the guise of a puplic service.

      Hackers can’t hack unless the data is first collected
      by some organization or government agency.
      And the people who collect it on our behalf would
      never ever use it for profit.

      • Ret-25X says:

        We live in a “post privacy” culture now. This will get more and more acute for some time to come until something acts on the culture and a seismic movement occurs forcing digital privacy on everyone. Frankly, that is likely to be the point at which all privacy has been stripped away and digital records simply hold no value.

        I don’t see that happening anytime soon, but I do see governments spending loads of tax payer money on non-viable approaches.

  5. Comm Center Rat says:

    Two days ago I received a letter from the Defense Information Systems Agency (DISA) notifying “of a potential compromise of your PII” and offering free credit monitoring services. My PII was hacked at least twice while I was in the Army and once as a federal employee.

    If my investment accounts are hacked I’ll be concerned. Otherwise, I don’t care to be notified by the feds almost annually that my data has been compromised because I expect that to happen.

  6. Sapper3307 says:

    I got my notice in the mail yesterday, more free credit monitoring from another incompetent corporation (Govt).

    • Anonymous says:

      About like those “finalize your student loan forgiveness application” numbnuts who keep clogging up my voicemail– hey, retards, I didn’t have any!

  7. The Other Whitey says:

    Having been a target of identity theft, specifically some asshole racking up large fraudulent charges on my credit card, I hope these shitheads die violently. This kind of thing is a personal violation, and those who would do it to somebody else are incompatible with any kind of society.

  8. A Proud Infidel®™ says:

    First we need to legalize the act of torturing hackers, I think that would be a good start!

  9. OmegaPaladin says:

    Hey CIA, maybe take a break from politics and make these guys disappear? No one would miss them.

  10. Graybeard says:

    I’ve been in or around computers most of my life (pushing 7 decades) – worked IT 20+, was on the internet when it was all command-line, none of this fancy-smancey HTML/CSS/PHP GUI stuff.

    I have said it for years and will continue:
    There is NO security or privacy on the internet – and everything is getting connected to the internet: your computer, your phone, your refrigerator, your electric meter, your car…

    The OPSEC risk is huge.

  11. chooee lee says:

    First of all, you put them in a large freezer and get them all good and frozen. Then you do a Sopranos on them and cut them in quarters. Then you run the frozen parts through a rather large diesel-powered wood chipper and make crab chum out of them. Not that I have given this any thought tho.