Catalin Cimpanu reports: Ransomware gangs have silently hit three US water and wastewater treatment facilities this year, in 2021, the US government said in a joint cybersecurity advisory published today by the FBI, NSA, CISA, and the EPA. The attacks —which had been previously unreported— took place in March, July, and August and hit facilities in Nevada,…
Category: U.S.
Convicted SUNY Plattsburgh hacker’s sentencing adjourned, counsel seeks expert services
Fernando Alba of The Press-Republican reports: Convicted hacker and SUNY Plattsburgh alumnus Michael P. Fish’s sentencing has been adjourned again Thursday. Fish’s attorney asked for a 60-day extension to complete court approved expert witness services requested in August, according to court documents. Fish pleaded guilty to aggravated identity theft, computer intrusion and child pornography possession…
Williamsville School employees’ private health data inadvertently leaked by Independent Health
WGRZ reports: Independent Health said Friday that the names, member ID numbers and medical information for over 500 Williamsville School District employees were accidentally released to stop loss carriers and brokers. The inadvertent breach took place between August 2019 and August 2021 and was discovered during a regular safety and security review. It did not…
Missouri Teachers’ Social Security numbers at risk on state agency’s website; state’s response is to shoot the messenger?
Josh Renaud reports: The Social Security numbers of school teachers, administrators and counselors across Missouri were vulnerable to public exposure due to flaws on a website maintained by the state’s Department of Elementary and Secondary Education. The Post-Dispatch discovered the vulnerability in a web application that allowed the public to search teacher certifications and credentials…
Update: Missouri Delta Medical Center acknowledges ransomware incident
DataBreaches.net has continued to follow up on the ransomware attack on Missouri Delta Medical Center claimed by Hive threat actors. This site broke the story about the breach on September 12. Several days ago, the listing for MDMC was removed from Hive’s leak site, despite the threat actors’ warnings that they were going to follow…
Olympus US systems hit by cyberattack over the weekend
Sergiu Gatlan reports: Olympus, a leading medical technology company, was forced to take down IT systems in the Americas (U.S., Canada, and Latin America) following a cyberattack that hit its network Sunday, October 10, 2021. “Upon detection of suspicious activity, we immediately mobilized a specialized response team including forensics experts, and we are currently working…