Category: U.S.

NY: Filters Fast Settles Charges Stemming from Failure to Patch Critical Vulnerability Exploited in 2019 Data Breach

Posted on by Dissent

In 2019, Filters Fast experienced a data breach when a threat actor exploited a plugin vulnerability in vBulletin. Using SQL injection, the attacker was able to obtain consumers’ cardholder names, billing addresses, expiration dates, validation codes, and primary account numbers for purchases made between June, 2019 and July, 2020. Filters Fast did not detect any…

Read more

Trailer maker Utility targeted in “cyber event”

Posted on by chum1ng0

Nate Tabak reports: Utility Trailer Manufacturing, one of the largest U.S. producers of trailers for the trucking industry, was targeted in an apparent ransomware attack that exposed personal information of numerous employees. The California-based company told FreightWaves that it had “suffered a cyber event” that disrupted some systems temporarily. The company disclosed the incident after…

Read more

Student health insurance carrier Guard.me suffers a data breach

Posted on by Dissent

Lawrence Abrams reports: Student health insurance carrier guard.me has taken their website offline after a vulnerability allowed a threat actor to access policyholders’ personal information. guard.me is one of the world’s largest insurance carriers specializing in providing health insurance to students while traveling or studying abroad in another country. Read more on BleepingComputer.

Read more

NC: Update to Allergy Partners ransomware incident

Posted on by Dissent

Back in February, there were media reports that Allergy Partners in North Carolina had been impacted by a ransomware attack on February 23. The threat actors, who were not identified, reportedly demanded $1.75 million ransom. The medical practice was able to restore services in 8 days and noted that they had not paid any ransom….

Read more