People who had their personal information collected by a national genetic testing organization between 2004 and 2012 may have never known that their information was acquired by DNA Diagnostics Center (DDC) in Ohio in 2012. They may find out now, though, as DDC fell prey to a cyberattack in May and data was exfiltrated over…
Category: Breach Incidents
Yanluowang ransomware operation matures with experienced affiliates
Ionut Ilascu reports: An affiliate of the recently discovered Yanluowang ransomware operation is focusing its attacks on U.S. organizations in the financial sector using BazarLoader malware in the reconnaissance stage. Based on observed tactics, techniques, and procedures, the threat actor is experienced with ransomware-as-a-service (RaaS) operations and may be linked with the Fivehands group. Read more on…
Daily Mail claims to have located REvil threat actor wanted by FBI for ‘using ransomware to fleece millions of dollars’ from Americans
The Daily Mail is not a news outlet that I would normally turn to for breaking news about tracking down a Russian cybercriminal, but that is what they claim to have done. Will Stewart reports: One of the FBI’s most wanted men linked to ransomware gang REvil is living freely in a Siberian city with…
Montana high school hit by ransomware
Another day, another attack on public schools to report. Today’s report concerns Beaverhead County High School in Montana, which was reportedly hit by Avos Locker. The threat actors added the listing to their dark web leak site on November 20, but do not state when the attack actually occurred. As proof of claim, Avos Locker…
Lakeside School breach — what happened?
On November 3, Lakeside School provided a notification to the Massachusetts Attorney General’s Office about a data breach. Lakeside School is a private school for grades 5-12 in the Seattle, Washington area. Because Massachusetts does not require inclusion of the kinds of details this site reports, we have almost no information on this breach other…
NJ: Spotswood Public Schools notifying 424 employees impacted by a ransomware incident
Here’s another k-12 data security incident that does not appear to have made news or to have been revealed on a school district’s website (at least as far as DataBreaches.net can determine): On behalf of Spotswood Public Schools in New Jersey, Baker & Hostetler notified the Maine Attorney General’s Office that Spotswood experienced a ransomware…