Some readers may have trouble accessing a notice from the School of Medicine at the University of North Carolina — Chapel Hill due to an issue with Chrome, so I’m embedding the whole notification below. TL;DR version: some employees fell for a phishing attack and their email accounts may have been accessed between May 17,…
Category: U.S.
TX: PNGISD technology held for ransom
Mary Meaux reports: Port Neches-Groves Independent School District was hit by ransomware, causing the disruption of all technology connections on Tuesday. Assistant superintendent Julie Gauthier provided a statement about the cyber security attack, saying the district is working with local law enforcement and forensic and cyber security specialists to remedy the situation. Read more on…
CT: Starling Physicians Warns Patients of Data Breach
NBC reports: According to an announcement released Tuesday, Starling was the target of a cyber-phishing attack on February 8. When the Connecticut-based healthcare group learned of the breach, they secured the affected email accounts and hired a forensic security firm. On September 12, investigation found that the email accounts affected by the attack contained information…
Retailer Orvis.com Leaked Hundreds of Internal Passwords on Pastebin
Brian Krebs reports: Orvis, a Vermont-based retailer that specializes in high-end fly fishing equipment and other sporting goods, leaked hundreds of internal passwords on Pastebin.com for several weeks last month, exposing credentials the company used to manage everything from firewalls and routers to administrator accounts and database servers, KrebsOnSecurity has learned. Orvis says the exposure was…
VA: Purcellville Sorts Data Breach Stemming from 2017 Botched Investigation
This one may be confusing to follow unless you’ve followed some issues involving this town in the past, but have a go at it anyway. Patrick Szabo reports: The Purcellville Town Council held an emergency meeting Saturday afternoon to discuss a “data security incident” related to a flash drive filled with more than 9 gigabytes…
A leak report quietly disappears, leaving questions in its wake
On October 8, Jeremiah Fowler reported that he had discovered a non-password protected database that contained what appeared to be information regarding healthcare workers and traveling nurses. If you had read the report on Security Discovery at the time, you would have read that almost one million people were potentially affected. Based on that reporting,…