Dark Reading reports: Electronic Warfare Associates (EWA), a US defense contractor, has confirmed a data breach in which attackers exfiltrated files containing personal information. The breach began with a phishing attack that had “some limited impact” on EWA email accounts, officials report in a notification letter. Their investigation determined an attacker broke into EWA email accounts…
Category: U.S.
What happened, Friday edition
It’s often quite difficult to code incidents for analysis purposes. Consider the following notification’s description of what happened, as one example: Mesa, AZ: November 3, 2021 – Baywood Medical Associates, PLC dba Desert Pain Institute (“DPI”), a health care provider specializing in pain management located in Mesa, Arizona, has become aware of a data security incident…
Cyber Attack Knocks Ohio County Library Computers Offline
Mike Sigov reports: A cybersecurity incident has knocked out the Toledo Lucas County Public Library website and computer systems for the second day in a row, and officials are unsure when service might be restored. Stephanie Elton, the library’s assistant manager of communications, innovation and strategy, said the service outage happened because of a “targeted…
Hacker who posted ‘pwned’ on MIAA website says they hoped to help expose security flaws
Tom Westerholm reports: A hacker who goes by the screen names “netsaosa” and “g0retrance” got into the Massachusetts Interscholastic Athletic Association (MIAA) website on Monday and posted “pwned,” briefly derailing the release of the MIAA’s official statewide brackets for state tournament games. Reporters noted the delay before MassLive.com’s Meredith Perri realized the site was compromised. A pop-up in…
KS: Company that dumped private records in public trash is fined
AP reports: A national company will pay nearly $500,000 in fines for improperly disposing of documents that contained personal information of clients, the Kansas Attorney General’s Office said. Attorney General Derek Schmidt sued SearchTec, which has a satellite office in Kansas, in 2017. Read more on Lexington Herald-Leader. From the Kansas Attorney General’s Office: TOPEKA…
South Carolina School District reports security incident
Sarah Coble reports: A school district in South Carolina is investigating a “cyber-incident” that it says impacted hundreds of staff computers. On October 4, some of the networks of Colleton County School District stopped operating. The unusual activity was detected by the district’s information technology staff, who determined that a cybersecurity incident had occurred. Read more on InfoSecurity. From…