The education sector has always been a relatively easy target for cybercriminals. One group in particular — Pysa — earned a reputation for its ransomware attacks on schools. Despite analyses and alerts in March, 2021 by threat intel firms and the U.S. government indicating that Pysa was a major threat to the education sector in…
Category: Breach Incidents
Are victims of Netgain ransomware incident first being notified now?
Accounting firm Perkins & Co. in Portland Oregon has submitted a notification to the Vermont Attorney General’s Office about a breach that goes back to 2020 — the Netgain ransomware incident that impacted numerous clients and individuals. According to Perkins’ notification, Netgain first notified them of the breach in December 2020. So why did it…
Today’s exercise in reading between the lines
A recent notification by Aon had DataBreaches wondering exactly what went on with their incident response. Consider their description of what happened: What Happened? On February 25, 2022, Aon identified a cyber incident that, upon investigation, impacted a limited number of systems. Once the incident was discovered, Aon immediately retained leading cybersecurity firms to assist…
Potential privacy breach after documents stolen from abandoned Auckland police station
Rachel Maher reports: Police have alerted the Privacy Commissioner after a burglar broke into the former Auckland police station and stole documents and expired pepper spray. The police were made aware of the break-in while carrying out a search warrant at a Mount Albert address where police property was found. The items found included documents…
Martin University discloses ransomware incident
Martin University in Indianapolis disclosed that they were hit by a ransomware attack on January 3, 2022, and have been investigating the incident since then. As is often the case with these attacks, the university was unable to determine whether there had been actual access to files with personal information. As a result, they are…
MO: Washington University School of Medicine notifying patients and research participants of data security incident
Washington University School of Medicine in St. Louis has reported yet another data security incident — what appears to be the fourth one in five years. Washington University School of Medicine is notifying an as-yet revealed number of patients and research participants whose personal and protected health information was in employee email accounts that were…