Zack Whittaker reports: Volkswagen says more than 3.3 million customers had their information exposed after one of its vendors left a cache of customer data unsecured on the internet. The car maker said in a letter that the vendor, used by Volkswagen, its subsidiary Audi and authorized dealers in the U.S. and Canada, left the customer data…
Category: U.S.
Update on Union Community School District ransomware incident
On June 1, DataBreaches.net reported that DoppelPaymer threat actors had apparently attacked Union Community School District in Iowa and exfiltrated data about employees and students. Neither the district’s superintendent nor any board of education members had responded to this site’s inquiries about whether there had been any public disclosure of the breach that occurred in…
Healthcare entities in Saudi Arabia, Illinois, and Mississippi fall prey to Xing Team
Note: updates to the breaches included in this report appear below the original post. Some threat actors have gained a lot of notoriety while others are lesser known. In this article, DataBreaches.net reports on a relatively unknown group that has been hitting the healthcare sector, “Xing Team.” Like other groups, Xing maintains a dedicated leak…
Arizona Asthma and Allergy Institute Provides Notice of Maze Attack in 2020
An incident initially reported to HHS on May 3 has been updated to 70,372 patients from the initial report of 50,000. The following is the entity’s notice on their web site, and after you read it, I’ll meet you on the other side to explain it more, because they only discovered the breach when DataBreaches.net…
Cost of ransomware attack on Baltimore County public schools climbs to $7.7M
Lillian Reed reports: Baltimore County school officials estimate the ransomware attack in November will cost the system at least $7.7 million, nearing what Baltimore City spent following a similar attack in 2019. The estimated costs cover a wide range of programs, services, trainings and licenses that helped Maryland’s third-largest school system respond to and recover…
Lewd Phishing Lures Aimed at Business Explode
Socially engineered BEC attacks using X-rated material spike 974 percent. Becky Bracken reports: Attackers have amped up their use of X-rated phishing lures in business email compromise (BEC) attacks. A new report found a stunning 974-percent spike in social-engineering scams involving suggestive materials, usually aimed at male-sounding names within a company. The Threat Intelligence team…