Cellebrite, a company that makes forensic equipment for unlocking smartphones, said it is acquiring mobile testing startup Corellium for $170 million in cash, with $20 million converted to equity at closing.
The Israel-headquartered Cellebrite said the deal would help with the “accelerated identification of mobile vulnerabilities and exploits.” Much of Cellebrite’s technology relies on using unknown vulnerabilities, such as zero-day exploits, to unlock encrypted data stored on phones.
For its part, Corellium provides its customers access to virtual, cloud-based Android and iOS devices for app and security testing, an offering that Apple for a time sought to block.
A Cellebrite spokesperson told TechCrunch that the deal is expected to close later this year, subject to a review from CFIUS, the U.S. government committee tasked with handling corporate deals that could affect national security.
Keep reading the article on Tech Crunch
A ransomware gang claimed responsibility for the hack on Kettering Health, a network of hospitals, clinics, and medical centers in Ohio. The healthcare system is still recovering two weeks after the ransomware attack forced it to shut down all its computer systems.
Interlock, a relatively new ransomware group that has targeted healthcare organizations in the U.S. since September 2024, published a post on its official dark web site, claiming to have stolen more than 940 gigabytes of data from Kettering Health.
CNN first reported on May 20 that Interlock was behind the breach on Kettering Health. At the time, however, Interlock had not publicly taken credit. Usually, that can mean the cybercriminals are attempting to extort a ransom from their victims, threatening to release stolen data. The fact that Interlock has now come forward could indicate that the negotiations have gone nowhere.
Do you have more information about Kettering Health’s ransomware incident? Or other ransomware attacks? From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email.
Kettering Health’s senior vice president of emergency operations, John Weimer, previously told local media that the healthcare company had not paid the hackers a ransom.
TK, a spokesperson for Kettering Health, did not provide comment when reached by TechCrunch on Wednesday.
Interlock did not respond to a request for comment sent to an email address listed on its dark web site.
A brief review of some of the files Interlock published on its dark web site appears to show the hackers were able to steal an array of data from Kettering Health’s internal network, including private health information, such as patient names, patient numbers, and clinical summaries written by doctors, which include categories such as mental status, medications, health concerns, and other categories of patient data. Other stolen data includes employee data and the contents of shared drives.
One of the folders contains documents, such as background files, polygraphs, and other private identifying information of police officers with Kettering Health Police Department.
On Monday, Kettering Health published an update on the cyberattack, saying the company was able to restore “core components” of its electronic health record system, which is provided by Epic, a healthcare software company. The company said this was “a major milestone in our broader restoration efforts and a vital step toward returning to normal operations” that allows it to “to update and access electronic health records, facilitate communication across care teams, and coordinate patient care with greater speed and clarity.”
Keep reading the article on Tech Crunch
Lee Enterprises, the newspaper publishing giant that was hit by a ransomware attack in February, causing widespread disruption to dozens of U.S. media outlets, has confirmed the cyberattack resulted in the theft of employees’ personal data.
The company confirmed in a letter filed with Maine’s attorney general that the personal information of 39,779 people was stolen in the cyberattack, including Social Security numbers. The data breach mostly affects former and current employees at the company.
Lee is one of the largest newspaper publishers in the U.S., and provides publishing technology and web services to more than 70 publications. The ransomware attack paralyzed newspaper printing, disrupted operations at media outlets across the country for weeks, and affected payments to freelancers and contractors.
Qilin, a prolific ransomware gang known for destructive cyberattacks, took credit for the breach.
A spokesperson for Lee did not respond to a request for comment prior to publication.
Keep reading the article on Tech Crunch