Marc Hershberg reports: Someone snuck into the Shubert Organization. According to a letter mailed to certain customers, Shubert executives came across some suspicious activity on an employee’s email account last February, and teamed up with some forensic experts to investigate what was happening. The probe found that someone had gained access to several employee’s email…
Category: Hack
Medical Informatics Engineering Agrees to Pay $100,000 and to Implement Corrective Action Plan to Settle 2015 HIPAA Breach
From HHS, an update on the Medical Informatics Engineering breach of 2015 that resulted in a multi-state lawsuit (the first of its kind) in December, 2018: Medical Informatics Engineering, Inc. (MIE) has paid $100,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services, and has agreed take corrective…
Update: Georgia Tech to offer credit monitoring after data breach affecting 1.3M
Aaron Diamant reports: ATLANTA – Georgia Tech is taking steps to help people whose personal information may have been compromised during a data breach. Channel 2’s Aaron Diamant has been following this story since it broke in April, when the college said someone gained unauthorized access to a web application, affecting nearly 1.3 million people, including “some current…
Equifax just became the first company to have its outlook downgraded for a cyber attack
Kate Fazzini reports: Moody’s has just slashed its rating outlook on Equifax, the first time cybersecurity issues have been cited as the reason for a downgrade. Moody’s lowered Equifax’s outlook from stable to negative on Wednesday, as the credit monitoring company continues to suffer from the massive 2017 breach of consumer data. “We are treating…
UK: Cyber attack on Sunderland City Council database: Investigation after personal data accessed by hackers
Ross Robertson reports: Hackers have accessed users’ personal details in a cyber attack on Sunderland City Council’s library database. Council chiefs are warning users to be vigilant after a number of customers’ details were accessed during a cyber incident involving the library services customer database. This resulted in the unauthorised access to the details of…
MuddyWater Hacking Group Upgrades Arsenal to Avoid Detection
Sergiu Gatlan reports: The MuddyWater threat group has been updating its tactics, techniques, and procedures (TTPs) to include a number of new anti-detection techniques designed to provide remote access to compromised systems while evading detection as part of a new campaign dubbed BlackWater. MuddyWater (also known as SeedWorm and TEMP.Zagros) is an advanced persistent threat (APT) group — or a…