Shaker Heights City School District in Ohio has notified the Maine Attorney General’s Office and the Montana Attorney General’s Office of a data security incident. The incident was discovered on January 30, 2022, but the investigation revealed that it had begun as early as September 1, 2021. Data were exfiltrated as part of the incident….
Author: Dissent
Hacker and Ransomware Designer “Nosophoros” Charged for Use and Sale of Ransomware, and Profit Sharing Arrangements with Cybercriminals
A criminal complaint was unsealed today in federal court in Brooklyn, New York, charging Moises Luis Zagala Gonzalez (Zagala), also known as “Nosophoros,” “Aesculapius” and “Nebuchadnezzar,” a citizen of France and Venezuela who resides in Venezuela, with attempted computer intrusions and conspiracy to commit computer intrusions. The charges stem from Zagala’s use and sale of…
MS: Vicksburg-Warren School District sends notifications for “Grief” ransomware incident in 2021
On May 12, 2022, Vicksburg-Warren School District in Mississippi issued a breach notification. Its explanation begins, “On or around May 28, 2021, VWSD detected unusual activity within its digital environment.” Investigation revealed that files with personal information “may have been accessed or acquired.” The “may have been” seems a bit vague given that threat actors calling…
UK: Central Bedfordshire Council leaked special educational needs students’ personal details
It’s a council two-fer today it seems when it comes to breaches of students’ information. First we had the Cornwall Council item. Now we learn about how Central Bedfordshire Council leaked the details of ‘dozens and dozens’ of special educational need (SEND) pupils. The council leaked the details when responding to a Freedom of Information (FOI)…
Ca: Elgin data breach ‘devastating’ for victims; county not transparent about incident – Cavoukian
Norman de Bono reports: Personal information for 330 people, some of it highly sensitive, was compromised by a “cyber-security incident” that knocked out Elgin County’s website and email system for nearly a month, the county said. Personal and employment information for county employees and some long-term care residents and former residents was dumped into the…
UK: Cornwall Council Data Breach
The Cornwall council accidentally published the personal details of five schoolchildren in publicly accessible meeting documents. Cornwall Council has apologized for the data breach, including their names, addresses, and dates of birth. It made the error when it published online documents for a meeting of its School Transport Appeals Committee. Source: InformationSecurityBuzz.