Randall Case reports: A compromise of an account has led to improper downloads of a large number of crash records, the Texas Department of Transportation announced Friday. On May 12, TxDOT identified unusual activity in its Crash Records Information System (CRIS) and further investigation revealed the activity originated from an account that was compromised and…
Category: U.S.
PowerSchool hacker pleads guilty, released on personal recognizance bond
He’s just a frail-looking teenager, but he sent threatening emails to get his victims to pay his extortion demands. Today, 19 year-old Assumption College student Matthew Lane waived indictment and pleaded guilty in a Worcester courtroom to hacking an unnamed telecom company and an unnamed edtech vendor, widely known to be PowerSchool. As per the…
Central Maine Healthcare tackles suspected cybersecurity issue; hospitals remain open
Central Maine Healthcare posted a notice on its Facebook page today: On June 1, 2025, technicians monitoring the information systems at Central Maine Healthcare identified unusual activity within the system’s computer software. In response, they immediately secured and shut off all information technology applications and hardware, including network servers and phone systems. Central Maine Medical…
Lower Merion School District says a data breach was caused by a computer glitch (1)
DataBreaches cannot read “Lower Merion School District” without recalling the “Webcamgate” scandal of 2010, when the district was discovered monitoring students remotely in their bedrooms on district-issued MacBooks. At the time, they initially denied any misuse of remote access that was part of a security feature. Now the district is back in local news in…
After $1 Million Ransom Demand, Virgin Islands Lottery Restores Operations Without Paying Hackers
Nelcia Charlemagne reports: Virgin Islands Lottery’s executive director, Raymond Williams, says the entity is now “90 percent back [to] functionality” after a cybersecurity incident that halted operations across the territory. The March ransomware attack compromised Lottery’s entire network. Mr. Raymond appeared before the Committee on Government Operations, Veterans Affairs, and Consumer Protection on Friday. He reminded Committee…
Banks Want SEC to Rescind Cyberattack Disclosure Requirements
PAYMNTS reports: American banking groups want the Securities and Exchange Commission (SEC) to revoke its cybersecurity incident disclosure requirements. These groups, led by the American Bankers Association (ABA), wrote to the SEC last week, contending that disclosing cybersecurity incidents “directly conflicts with confidential reporting requirements intended to protect critical infrastructure and warn potential victims.” Joining the ABA were the Securities Industry…