Another Texas school district has disclosed that it was the victim of a cyberattack. Tuloso Midway Independent School District in Nueces County, Texas, has slightly under 3,900 students. A notice posted on their website yesterday explained that on March 16, 2022, one employee’s email account was accessed without authorization. The statement does not reveal when…
Category: Hack
US govt: Iranian hackers breached federal agency using Log4Shell exploit
Sergiu Gatlan reports: The FBI and CISA revealed in a joint advisory published today that an unnamed Iranian-backed threat group hacked a Federal Civilian Executive Branch (FCEB) organization to deploy XMRig cryptomining malware. The attackers compromised the federal network after hacking into an unpatched VMware Horizon server using an exploit targeting the Log4Shell (CVE-2021-44228) remote code execution…
Lake Charles Memorial Health system victim of cyberattack and data leak by Hive
On October 25, Lake Charles Memorial Health System (LCMH) in Louisiana received an email that began, “Ladies and gentlemen! Attention, please! This is Hive Ransomware Team.” The remainder of the email stated that Hive had been in LCMH’s network for 12 days and had exfiltrated 270 GB of files including patient and employee data. A…
AU: Legal Aid ACT won’t pay hackers’ ransom demands
Lottie Twyford reports: Legal Aid ACT has confirmed it will not pay the ransom demanded by the hackers who earlier this month stole private information from the commission. That hack could have exposed the data of some of the organisation’s most vulnerable clients, including refugees and victims of family violence. Read more at The Riot…
Surprise: Daniel Kaye, operator of The Real Deal, pleads guilty to one count, is sentenced to time served, and is released.
It seems like only weeks ago that the U.S. Attorney’s Office for the Northern District of Georgia was trumpeting the arraignment of Daniel Kaye, who had been indicted last year. Oh wait, it was only weeks ago. Kaye, also known as “Popopret,” “Bestbuy,” “TheRealDeal,” “Logger,” “David Cohen,” “Marc Chapon,” “UserL0ser,” “Spdrman,” “Dlinch Kravitz,” “Fora Ward,”…
New York-Presbyterian Hospital discloses breach affecting 12,000 patients
New York-Presbyterian Hospital posted a notice on their website on November 11. The incident has not yet shown up on HHS’s public breach tool, but undoubtedly will. Here is the description of the incident, as provided by the hospital: On September 8, 2022, NewYork-Presbyterian Hospital’s data security monitors received an alert of suspicious activity on…