Montana State University was hit with a cyberattack on April 20. They are still working to recover from it. Here is their latest update: Campus network update: NetID password changes, service status page Sent at 8:18 a.m. Friday, April 28, via email to students, faculty and staff. As work continues to return Montana State University’s…
Category: Breach Incidents
Bits ‘n Pieces (Trozos y Piezas)
CL: Saville Row attacked by BlackCat Saville Row, a Chilean clothing store, was added to BlackCat’s leak site on April 21. Sample files provided by the threat actors included internal Saville Row documents such as invoices and purchase orders. DataBreaches found no notice of any incident on the store’s website or social networks. They did…
HC3: Sector Alert Report: New Data Breaches from Cl0p and Lockbit Ransomware Groups
April 28, 2023 New Data Breaches from Cl0p and Lockbit Ransomware Groups Executive Summary Ransomware-as-a-service (RaaS) groups Cl0p and Lockbit recently conducted several distinct attacks, exploiting three known vulnerabilities (CVE-2023-27351, CVE-2023-27350, and CVE-2023-0669). The Cybersecurity and Infrastructure Security Agency (CISA) added the latter two vulnerabilities to its Known Exploited Vulnerabilities Catalog but has not yet…
Court records online include private information for thousands of Missouri residents
Josh Renaud reports: Documents containing Social Security numbers and other private information for thousands of Missourians are accessible to anyone using the Casenet website, the state’s judicial records system, the Post-Dispatch recently discovered. Missouri Supreme Court officials have acknowledged the issue after being alerted by the Post-Dispatch, and they fixed one vulnerability on Casenet. But…
BakerHostetler’s 9th annual Data Security Incident Response Report
BakerHostetler’s annual report is out, and as always, it is a great read because it provides statistics and analysis of the more than 1,100 data breach incidents the law firm handled in 2022. Ted Kobus provides a bit of the history of the firm’s Digital Assets and Management Group. Here’s just one graphic from the…
Two ransomware groups list Albany ENT & Allergy Services on their leak sites
On April 23, the BianLian ransomware group listed: A***** *** * ******* S******* BianLian often uses the asterisk system before they actually name the victim and leak data. Today, though, DataBreaches also saw the following on the RansomHouse leak site: Albany ENT & Allergy Services They’re both listing the same entity (even the listed revenues…