Mahira Dayal reports: A data breach at Proskauer Rose exposed client data, including sensitive legal and financial information, the law firm confirmed Friday. “Our tech security team recently learned that an outside vendor that we retained to create an information portal on a third-party cloud-based storage platform had not properly secured it,” Joanne Southern, a…
Category: U.S.
Aspire Public Schools reveals 2022 breach; Rochester Public Schools dealing with current attack
Notices of breaches involving two school breaches showed up today in DataBreaches’ searches: Aspire Public Schools in California submitted notifications to at least two state attorneys general. According to its notification, Aspire learned that an unauthorized party gained access to one Aspire email account at various times between February 2022 and August 2022. There was…
7×7 Dental Implant & Oral Surgery alleged victim of Abyss ransomware group
A leak site called “Abyss” recently added 7×7 Dental Implant & Oral Surgery Specialists of San Francisco (7×7) to their site and claimed to have 114 GB of the dental practice’s files. A file tree showing 2,891 directories and 63,557 files was posted as proof of claim. Some of the filenames suggest business-related internal documents,…
Microsoft leads effort to disrupt illicit use of Cobalt Strike, a dangerous hacking tool in the wrong hands
Elias Groll and AJ Vicens report: Microsoft’s Digital Crimes Unit, cybersecurity firm Fortra and the Health Information Sharing & Analysis Center announced legal action Thursday to seize domains related to criminal activity involving cracked copies of the security testing application Cobalt Strike, which has become a favorite tool for cybercriminals to carry out attacks around…
Ransomware Attack at NJ County Police Department Locks Up Criminal Investigative Files
Jonathan Dienst reports: The Camden County Police Department experienced a ransomware attack that has been locking many criminal investigative files and day-to-day internal administration abilities, several law enforcement officials said. Investigators said the attack started in the middle of March and technicians continue working to try to get all systems back up and running. Read more at NBC.
Tesla workers shared sensitive images recorded by customer cars
Reuters reports: Tesla assures its millions of electric car owners that their privacy “is and will always be enormously important to us.” The cameras it builds into vehicles to assist driving, it notes on its website, are “designed from the ground up to protect your privacy.” But between 2019 and 2022, groups of Tesla employees…