I won’t let this devolve into a debate on who makes the best hamburgers, but Five Guys Enterprises, LLC is notifying its employees about a data breach that affects them. According to a copy of its notification letter, submitted to the California Attorney General’s Office on November 2: On August 6, the firm discovered that…
Category: Phishing
Man who targeted Georgia Tech employees through phishing scheme sentenced
J. D. Capelouto reports: A Nigerian man was sentenced to five years and 11 months in prison on Monday for his role in an online scam that accessed the employee bank accounts of several colleges and universities, including some at Georgia Tech, federal prosecutors said Tuesday. Olayinka Olaniyi, 34, was part of a “phishing” scheme that…
NC: Notice to Catawba Valley Medical Center Patients of a Phishing Email Incident
This notice from their web site just showed up in my searches: Catawba Valley Medical Center (CVMC) is committed to protecting the security and confidentiality of our patients’ information. Regrettably, this notice concerns an incident that may have involved some of that information. On August 13, 2018, CVMC determined an unauthorized person may have gained…
State officials grill Minnesota DHS over two breaches
KSTP reports: On Wednesday, state leaders addressed two recent data breaches at the Department of Human Services. […] “Could you please try and help us connect why there was such a failure here of four months before folks were notified of the compromising situation of their private data?” asked Sen. Mary Kiffmeyer, (R) Big Lake….
Henderson ISD falls victim to fraud in a business email compromise scheme
David Chenault reports: Financial scammers stole more than $600,000 from Henderson ISD through a sophisticated, yet common, fraud scheme. According to HISD’s financial records, on Sept. 26, the district initiated a $609,615.24 direct electronic bank payment (known as an Automated Clearing House or ACH) to RPR Construction Company Inc. The firm is overseeing the construction…
BEC-as-a-service offers hacked business accounts for as little as $150
Graham Cluley reports: New research has revealed that business email compromise is being made easier for any criminal to add to their arsenal. Researchers at threat intelligence firm Digital Shadows report that companies don’t even need to be hacked to spill their address books and email archives. Careless backups of email archives on publicly-accessible rsync,…