Steven Luke and R. Stickney report: San Diego Unified School District officials are informing parents and former students of a large data breach. Personal data including Social Security numbers from as many as 500,000 students was compromised or possibly stolen, officials say. The breach dating back to January 2018 was uncovered in October by district IT employees who…
Category: Phishing
Man pleads guilty to phishing scheme that victimized Connecticut school employees
A 36-year-old Nigerian citizen pleaded guilty Thursday before a federal judge to a conspiracy charge stemming from a scheme to obtain the personal identifying information of school employees, including some at Sacred Heart Academy in Hamden. Olukayode Ibrahim Lawal, last living in Smyrna, Georgia, pleaded guilty before U.S. District Judge Jeffrey A. Meyer in New…
Hackers bypass two-factor authentication “at scale”
Sam Tidmarsh reports: Multiple credentials phishing campaigns targeting human rights activists and journalists across the Middle East and North Africa have been disclosed by Amnesty International. Credentials phishing deploys imitations of websites, wherein a login prompt lures a victim into entering their personal details, which are then transmitted to the attacking party. In this case,…
Government Hackers Assault Hundreds Of ‘Secure’ Google Accounts With Evil Phishes
Thomas Brewster reports: Over at least the last two years, a group of government hackers has been targeting supposedly secured email services from the likes of Google, Yahoo, Protonmail and Tutanota. Most targets are in the Middle East and Africa and, though it remains unclear just where the hackers themselves hail from, the attacks appear…
Dozens of SF State student accounts hacked in phishing attacks
Joshua Chan reports: Dozens of students were shocked to learn that they were suspended from SF State last week when an email appearing to be from California State University’s chancellor gave them the bad news. But when they clicked on a link in the email, the truth was revealed — they had just been hacked….
Aspire Health says stolen emails never opened, abandons hunt for hacker
Brett Kelman reports an update to a phishing incident in September: A large Nashville-based healthcare company that was hacked earlier this year said Tuesday an internal investigation has revealed the stolen emails were intercepted before they were ever opened by the cyberattacker. Aspire Health, which offers in-home treatment in 25 states, has also abandoned its legal hunt for the…