Update: After you read the news report below, do read Brian Krebs’ report on how he had warned them that DoppelPaymer operators had compromised one of their Windows 10 systems. The city thought it dodged the bullet after responding to his alert. They hadn’t. WAFF in Alabama reports: The city of Florence confirms its computer…
Category: U.S.
PA: Everett & Hurite Ophthalmic Association discloses breach involving protected health information
From Everett & Hurite Ophthalmic Association, this breach notification: Everett & Hurite Ophthalmic Association (“EHOA”) is posting the following statement to inform our patients of a recent event that could potentially affect the security of certain information. EHOA takes this incident very seriously and we regret any inconvenience or concern this incident may cause. What…
San Francisco Employees’ Retirement System notifies employees of contractor breach
The San Francisco Employees’ Retirement System has been notifying people about a breach. From their notification, this explanation of what happened: The Retirement System contracts with vendors to provide SFERS members with on‐ line access to their account information. One of the vendors, 10up Inc., set up a test environment on a separate computer server…
University of Utah patients notified after phishing incident compromised employee email accounts
David Wells reports: Some of University of Utah Health’s patients are receiving notice that their private information may have been compromised in a recent email security breach. According to U of U Health, some of its employees’ email accounts were compromised in phishing schemes, resulting in unauthorized access of those accounts between April 6 and…
NetWalker ransomware continues streak of college attacks
Benjamin Freed reports: A form of ransomware known as NetWalker added two more colleges to its list of victims Wednesday by claiming to have stolen files from Columbia College in Chicago and the University of California, San Francisco, according to screenshots posted on a blog maintained by the hackers behind the attacks. Read more on…
Two Data Breaches Hit Kentucky Employees’ Health Plan
Sarah Michels reports: Nearly a thousand members of Kentucky Employees’ Health Plan (KEHP) were victims of a data breach that took place in late April and mid-May, according to a statement released by the Commonwealth of Kentucky Personnel Cabinet on June 2. During the first attack, from April 21 to 27, 971 KEHP members accounts…