On March 17, the DoppelPaymer threat actors added Azusa Police Department in California to the leak site where they list ransomware victims who have refused to pay their ransom demands. On April 22, the threat actors increased the pressure on the department — or attempted to — by dumping some files as proof that they…
Category: Government Sector
It: Municipality of Porto Sant’Elpidio publicly quiet after ransomware attack and partial dump of files
This week, DataBreaches.net reported on a new dedicated leak site and threat actors who had hit Clover Park School District in Washington. The same threat actors, whose name is not even clear (are they PayOrGrief or Grief_List or…) have listed three other victims on their site who presumably did not pay their ransom demands. One…
US soldiers accidentally leak nuclear secrets via study apps — report
Alex Berry reports: Troops on US bases in Europe housing nuclear weapons have been using publicly accessible online flashcard apps to remember long and complex security protocols, the investigative website Bellingcat revealed on Friday. The military personnel turned to sites such as Quizlet, Chegg Prep and Cram to memorize codes, jargon and even the status of nuclear…
Russian SolarWinds hackers launch email attack on government agencies
Nobelium launched the attacks after getting access to an email marketing service used by the United States Agency for International Development, or USAID, according to Microsoft. Guardian staff and agencies report: The state-backed Russian cyber spies behind the SolarWinds hacking campaign launched a targeted phishing assault on US and foreign government agencies and thinktanks this…
Philly data breach that impacted health employee emails also hit other departments
Emily Scott reports: The City of Philadelphia has released an update on an investigation into a data breach that left some employee email accounts accessible to unauthorized individuals. The incident, initially identified in March 2020, was the result of an employee’s email account that was exposed due to a phishing attack. The breach impacted people receiving services…
Japanese government agencies suffer data breaches after Fujitsu hack
So it may not be just 76,000 email addresses… Ax Sharma reports: Offices of multiple Japanese agencies were breached via Fujitsu’s “ProjectWEB” information sharing tool. Fujitsu states that attackers gained unauthorized access to projects that used ProjectWEB, and stole some customer data. It is not yet clear if this breach occurred because of a vulnerability exploit, or a…