Lightfoot, Franklin & White, LLC is a law firm based in Birmingham, Alabama that handles commercial litigation, product liability, professional liability, white-collar criminal, and other legal matters. In a copy of a notification obtained by DataBreaches.net, they forthrightly informed affected clients that there had been a ransomware incident: On April 17, 2021, we learned of…
Category: Commentaries and Analyses
Did your risk assessment include what’s in your employees’ email accounts?
Today’s reminder that employee email accounts often contain a ton of personal and sensitive information, and if you cannot figure out what emails or attachments were accessed, you will have one helluva task when it comes to notifications. From STG International‘s notification: STG International, Inc. (“STGi”) is providing notice of a recent event that may…
Your Pricey Peloton Has Another Problem For You To Sweat Over
Savannah Sicurella reports: Peloton users have something new to worry about. In a new report, security company McAfee says hackers can gain remote access to a Peloton bike’s camera and microphone and can monitor users. The attackers can also add apps disguised as Netflix and Spotify to encourage users to input login credentials for later malicious…
Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise
Tyler McLellan, Robert Dean, Justin Moore, Nick Harbour, Mike Hunhoff, Jared Wilson, Jordan Nuce of FireEye report: Mandiant observed DARKSIDE affiliate UNC2465 accessing at least one victim through a Trojanized software installer downloaded from a legitimate website. While this victim organization detected the intrusion, engaged Mandiant for incident response, and avoided ransomware, others may be…
SCOOP: UnitingCare paid hundreds of thousands of dollars to REvil for decryption key and deletion of files
On April 25, UnitingCare Queensland (UCQ) was the victim of a ransomware attack that impacted multiple Queensland hospitals and aged care centres. The next day, they posted a notice on their web site informing people as to what was happening and its impact. And on May 5, they posted a second update where they revealed…
NYS Comptroller DiNapoli Releases School District Audit of East Syracuse-Minoa Central School District – Information Technology (Onondaga County and Madison County)
Summary: Audit Objective Determine whether East Syracuse Minoa Central School District (District) officials established adequate information technology (IT) controls to ensure employees’ personal, private and sensitive information (PPSI) on the financial server was adequately protected from unauthorized access, use and loss. Key Findings District officials did not adequately apply established IT controls to ensure PPSI…