It looks like “SingularityMD,” the hacker(s) of Clark County School District in Nevada and Jeffco Public Schools in Colorado, are looking to start selling the data they exfiltrated. In an introductory post today on Breach Forums, they write: We are SingularityMD. We specialize in low sophistication corporate network infiltration. We are behind the following hacks…
Category: Hack
Bitter Pill: Third-Party Pharmaceutical Vendor Linked to Pharmacy and Health Clinic Cyberattack
Team Huntress writes: In a concerning development within the healthcare sector, Huntress has identified a series of unauthorized access that signifies internal reconnaissance and preparation for additional threat actor activity against multiple healthcare organizations. The attackers abused a locally hosted instance of a widely-used remote access tool, ScreenConnect—utilized by the company Transaction Data Systems (which…
MOVEit hackers leverage new zero-day bug to breach organizations (CVE-2023-47246)
Helga Labus reports: A critical zero-day vulnerability (CVE-2023-47246) in the SysAid IT support and management software solution is being exploited by Lace Tempest, a ransomware affiliate known for deploying Cl0p ransomware. […] The (limited) attacks were first spotted by the Microsoft Threat Intelligence team, and they notified Israeli software maker SysAid about them on November…
Attorney General James Secures $450,000 from US Radiology Specialists for failing to protect patient data
The following press release from the NYS Attorney General’s Office relates to an incident previously noted on DataBreaches.net. The Assurance of Discontinuance provides details on the breach not previously known to this site and serves as a reminder of the need to timely update and patch. NEW YORK – New York Attorney General Letitia James…
Hackers give Jeffco Public Schools an extension on their deadline to respond; email parents about the breach (1)
On November 2, DataBreaches reported that the same threat actors that had hacked and exfiltrated data from Clark County School District in Las Vegas had also hit Jeffco Public Schools in Colorado. In communications shared with DataBreaches, “SingularityMD” as the hackers call themselves gave the district until today at 5 pm today to pay them…
Jeffco Public Schools hit by the same threat actors that hit Clark County School District — and via the same way
How many school districts have to get massively hacked by the same method before the U.S. Department of Education, CISA, and states start really pressuring public school districts to address well-known vulnerabilities that are being exploited? Maybe that shouldn’t be a rhetorical question. Last night, DataBreaches was contacted by the same threat actors who claimed…