Sergiu Gatlan reports: T-Mobile disclosed the second data breach of 2023 after discovering that attackers had access to the personal information of hundreds of customers for more than a month, starting late February 2023. Compared to previous data breaches reported by T-Mobile, the latest of which impacted 37 million people, this incident affected only 836 customers….
Category: U.S.
Ransomware Gang Claims Edison Learning Data Theft
Krystal Kuykendall reports: The Royal Ransomware is claiming to have infiltrated public school management and virtual learning provider Edison Learning, posting on its dark web data leak site on Wednesday, April 26, that it had stolen 20GB of the company’s data “including personal information of employees and students” and threatening to post the data “early next…
Key U.S. Marshals computers still down 10 weeks after breach
Devlin Barrett reports: A key law enforcement computer network has been down for 10 weeks, the victim of a ransomware attack that has frustrated efforts by senior officials to get the system back up and running — raising concerns about how to secure critical crime-fighting operations. While the initial breach of a computer system within…
Nashua School District hit by ‘sophisticated’ cyberattack; classes to go on as scheduled Monday
Jessica Kisluk reports: The Nashua School District said classes will go on as scheduled Monday after it was hit by a “sophisticated” cyberattack Sunday. The district said it is working with a third-party investigator to determine the nature and scope of the attack. “We are working diligently to investigate the incident, confirm its impact on…
HC3: Sector Alert Report: New Data Breaches from Cl0p and Lockbit Ransomware Groups
April 28, 2023 New Data Breaches from Cl0p and Lockbit Ransomware Groups Executive Summary Ransomware-as-a-service (RaaS) groups Cl0p and Lockbit recently conducted several distinct attacks, exploiting three known vulnerabilities (CVE-2023-27351, CVE-2023-27350, and CVE-2023-0669). The Cybersecurity and Infrastructure Security Agency (CISA) added the latter two vulnerabilities to its Known Exploited Vulnerabilities Catalog but has not yet…
U. of Iowa Health Care denies sharing patient data with Facebook, but are they right?
DataBreaches never accused U. of Iowa Health Care of sharing patient data with Facebook, but it seems that someone did. Clark Kaufmann reports: The University of Iowa Hospitals & Clinics is denying that it shares any confidential patient information with Facebook. Last week, lawyers for an Iowa woman, Eileen Yeisley, filed suit against UIHC in…