Another day, another attack on public schools to report. Today’s report concerns Beaverhead County High School in Montana, which was reportedly hit by Avos Locker. The threat actors added the listing to their dark web leak site on November 20, but do not state when the attack actually occurred. As proof of claim, Avos Locker…
Category: U.S.
Update: Astoria notifying 940,000 consumers after breach earlier this year
There is an update to one of the most controversial data breaches of 2021. Mark Francis of Holland & Knight, who are external counsel for Astoria Company LLC, notified the Maine Attorney General’s Office that Astoria is notifying 940,000 consumers about a breach that occurred in January, 2021. The breach became controversial, in part, because…
Three months after ransomware attack and two months after data was dumped, UHC has yet to notify patients in writing
On September 25, DataBreaches.net reported on a ransomware attack suffered by United Health Centers of San Joaquin Valley (UHC). BleepingComputer had also reported on the incident the day before. Neither this site nor BleepingComputer had been able to get a statement from UHC at the time, but it was clear from the data dumped by…
GoDaddy security breach exposed WordPress data of 1.2 Mn users
Reuters reports: Web hosting company GoDaddy Inc said on Monday email addresses of up to 1.2 million active and inactive Managed WordPress customers had been exposed in an unauthorised third-party access. The company said the incident was discovered on November 17 and the third-party accessed the system using a compromised password. Read more on Financial…
DeKalb County School District virtual meeting hacked with obscene images
This week’s reminder to use secured Zoom accounts and not personal unsecured ones.
Lakeside School breach — what happened?
On November 3, Lakeside School provided a notification to the Massachusetts Attorney General’s Office about a data breach. Lakeside School is a private school for grades 5-12 in the Seattle, Washington area. Because Massachusetts does not require inclusion of the kinds of details this site reports, we have almost no information on this breach other…