Here’s today’s reminder not to just repeat threat actors’ claims without checking or attempting to verify them first: Qilin added a company to their dark web leak site that they misidentified as Richardson Sales Performance. It wasn’t Richardson Sales Performance. What they appear to have hit, based on their proof of claims screenshot, was a…
Author: Dissent
European Commission Publishes Action Plan on Cybersecurity of Hospitals and Healthcare Providers
Mark Young & David Brazil of Covington and Burling write: On 15 January 2025, the European Commission published an action plan on the cybersecurity of hospitals and healthcare providers (the “Action Plan”). The Action Plan sets out a series of EU-level actions that are intended to better protect the healthcare sector from cyber threats. The publication of…
Cybersecurity Incident Impacting Addison Northwest School District (ANWSD)
Legacy data and servers have bitten another entity. Kudos to Addison Northwest School District (ANWSD), though, for the clarity of their public notice, linked prominently from their home page. Their notice: We want to inform our community about a recent cybersecurity incident involving Addison Northwest School District (ANWSD). During an investigation into a breach affecting…
Toronto student information dating back to 1985 may have been accessed in PowerSchool cyber incident
Meredith Bond reports: Student information for those who attended Toronto District School Board as far back as 1985 may have been compromised by a cyber incident that happened in December 2024. On Jan. 8, the TDSB sent a letter to parents explaining the incident involving the PowerSchool software, which is used by many boards across…
The U.K. is considering prohibiting ransom payments. It’s a difficult issue.
How many times have the FBI and CISA urged entities NOT to pay ransom because it just encourages the attackers to attack more, while others suggest that a total ban would make things a lot worse? On January 14, the U.K. government opened a consultation, Ransomware legislative proposals: reducing payments to cyber criminals and increasing…
DOJ confirms arrested US Army soldier is linked to AT&T and Verizon hacks
Zack Whittaker reports: U.S. prosecutors have formally linked the arrest of a serving U.S. Army soldier in December to a massive theft of U.S. phone records from AT&T and Verizon last year. Authorities arrested Cameron John Wagenius, a U.S. Army communications specialist, in Texas on December 20 following a brief two-page grand jury indictment accusing the U.S….