Christina Carrega and Sean Lyngaas report: Law enforcement officials have seized an estimated $6 million in ransom payments, and the US Justice Department is expected to announce Monday that it has charged a suspect from Ukraine over a damaging July ransomware attack on an American company in a breakthrough for the Biden administration’s pursuit of cybercriminals, CNN…
Category: U.S.
Update on impact of the Washington Central Unified Union School District ransomware attack
On October 28, this site noted a report that Washington Central Unified Union School District in Vermont had been the victim of an as-yet-unconfirmed ransomware attack. The district has now issued a notification that makes clear that personal and health information of students and personnel may have been accessed or acquired. Their announcement also indicates…
US Defense Contractor Discloses Data Breach
Dark Reading reports: Electronic Warfare Associates (EWA), a US defense contractor, has confirmed a data breach in which attackers exfiltrated files containing personal information. The breach began with a phishing attack that had “some limited impact” on EWA email accounts, officials report in a notification letter. Their investigation determined an attacker broke into EWA email accounts…
What happened, Friday edition
It’s often quite difficult to code incidents for analysis purposes. Consider the following notification’s description of what happened, as one example: Mesa, AZ: November 3, 2021 – Baywood Medical Associates, PLC dba Desert Pain Institute (“DPI”), a health care provider specializing in pain management located in Mesa, Arizona, has become aware of a data security incident…
Cyber Attack Knocks Ohio County Library Computers Offline
Mike Sigov reports: A cybersecurity incident has knocked out the Toledo Lucas County Public Library website and computer systems for the second day in a row, and officials are unsure when service might be restored. Stephanie Elton, the library’s assistant manager of communications, innovation and strategy, said the service outage happened because of a “targeted…
Hacker who posted ‘pwned’ on MIAA website says they hoped to help expose security flaws
Tom Westerholm reports: A hacker who goes by the screen names “netsaosa” and “g0retrance” got into the Massachusetts Interscholastic Athletic Association (MIAA) website on Monday and posted “pwned,” briefly derailing the release of the MIAA’s official statewide brackets for state tournament games. Reporters noted the delay before MassLive.com’s Meredith Perri realized the site was compromised. A pop-up in…