Another day, another attack on public schools to report. Today’s report concerns Beaverhead County High School in Montana, which was reportedly hit by Avos Locker. The threat actors added the listing to their dark web leak site on November 20, but do not state when the attack actually occurred. As proof of claim, Avos Locker…
Category: Breach Incidents
Lakeside School breach — what happened?
On November 3, Lakeside School provided a notification to the Massachusetts Attorney General’s Office about a data breach. Lakeside School is a private school for grades 5-12 in the Seattle, Washington area. Because Massachusetts does not require inclusion of the kinds of details this site reports, we have almost no information on this breach other…
NJ: Spotswood Public Schools notifying 424 employees impacted by a ransomware incident
Here’s another k-12 data security incident that does not appear to have made news or to have been revealed on a school district’s website (at least as far as DataBreaches.net can determine): On behalf of Spotswood Public Schools in New Jersey, Baker & Hostetler notified the Maine Attorney General’s Office that Spotswood experienced a ransomware…
Complaining about Canada’s alleged failure to extradite someone makes no sense when there’s no request to extradite
Yesterday, DataBreaches.net reported on a hoax email sent from a government system by an individual who calls himself “Pompompurin” on Twitter (@Pompompur_in). Pompompurin had immediately claimed responsibility for the incident and gave out interviews left and right. Despite Pompompurin taking responsibility for the hoax email, Vinny Troia of NightLion Security and ShadowByte immediately claimed that…
More Accusations About a Canadian Hacker in the Wake of a Hoax Email from FBI Portal
The email in my inbox on Friday night had the subject line, “Hey sexy,” and appeared to come from “[email protected]” <[email protected]>. Under normal circumstances, I would have just sent it to trash, but the Twitter user known to me as “Pompompurin,” had alerted me to check my email for what he described as a funny…
When I emailed Overlake OB/GYN in July about a ransomware attack in 2020, I didn’t anticipate what would happen next.
In December, 2019, Overlake Medical Center & Clinics discovered that some employees had fallen for a phishing scheme. On February 7, 2020, they reported the incident to HHS as impacting 109,234 patients. As HHS subsequently summarized things: After the breach, the [Covered Entity] implemented additional administrative and technical safeguards and retrained its staff on the…