One of the big stories this week concerned a failed attempt to bribe a Tesla employee to inject malware into Tesla’s system. The attempt failed because the employee reported what was going on. From the U.S. Department of Justice: A federal grand jury in the District of Nevada returned an indictment today charging a Russian…
Category: Breach Incidents
Ransomware Attacks During COVID-19
Michael Buchanan and Andrew Willinger of Patterson Belknap have a post about ransomware attacks on entities involved in COVID-19 research or work on vaccines for it. In their piece, they point to a number of attacks that have been previously covered on this blog, starting with the Maze team attack on Hammersmith Medicines Research in…
AusCERT says alleged DoE hack came from a third-party
Catalin Cimpanu reports: The Australian Computer Emergency Response Team (AusCERT) denied claims today that hackers had breached the Department of Education, Skills, and Employment (DoE), and downloaded the personal details of more than one million students, teachers, and staff. Rumors of a supposed hack first surfaced yesterday after a hacker shared an archive file on…
PULAU Corporation notifies employees of June hack
Defense supplier PULAU Corporation is notifying their employees about an intrusion and unauthorized access into parts of their network between June 11 and June 29. Based on our investigation, we believe the unauthorized party acquired certain employment-related records stored on the affected systems. The affected records contained certain personal information, such as name, contact information,…
Already in the midst of a crisis, a Houston hospital was attacked by ransomware
It’s been a rough year for the U.S. in terms of COVID-19. And some areas have been hit worse than others. On August 1, CNN tweeted about how rough things were at Houston’s United Memorial Medical Center. Yesterday was Dr. Joseph Varon’s 134th day leading the coronavirus unit at Houston’s United Memorial Medical Center. Last…
Greenville Technical College claims no personal data affected by ransomware incident; threat actors claim otherwise
When threat actors gave Greenville Technical College in South Carolina until September 4 to respond to their ransomware demands, the college didn’t worry. They had decided not to pay because they were able to recover from the attack without paying for a decryption key. But there was a second part to the ransomware attack —…