On March 8, Kari Lucin at The Globe reported that District 518 in Minnesota had confirmed a data breach involving an employee’s email account, but didn’t anticipate a big problem. Yesterday, Lucin followed up with the district’s confirmation that no personal information or data had been taken or used in the February incident. An investigation…
Category: Hack
Montgomery County and Florida Women Convicted of Hacking One’s Former Employer and Attempting to Extort Them
PHILADELPHIA – United States Attorney Jennifer Arbittier Williams announced that Frances Marie Eddings, 68, of Orlando, FL, and Jude Denis, 54, of Wyncote, PA, were convicted after trial in the Allentown Federal Courthouse of accessing a computer system without authorization for pecuniary gain from a non-profit charity organization. In September 2019, the defendants were charged…
Update to Christie Clinics breach disclosure
On March 25, Christie Business Holdings Company, P.C. (“Christie Clinic”) disclosed a breach. As DataBreaches.net reported the next day, the clinic reported that an unauthorized actor had gained access to one business email account between July 14, 2021 and August 19, 2021. Christie’s investigation indicated that the intent of the attacker may have been to…
WI: Black River Falls School District closed Friday after cyberattack
WKBT reports: The Black River Falls School District canceled all classes Friday because of an incident involving unauthorized access to the district’s IT network. Superintendent Shelly Severson sent an email to parents Thursday night saying that student record system is unavailable, and the district has no access to attendance, medication records, family contact information, or…
Weekend potpourri of breaches and leaks
It’s the weekend, but breaches don’t take a break. Some breach or leak disclosures that I spotted in reading the news today: Ballad Health in Tennessee has disclosed a breach. As reported by WCYB, who also includes the full notice from Ballad, on or about January 13, Ballad detected unusual activity in an employee’s email…
Lapsus$, Okta and the Health Sector
A whitepaper from the HHS Cybersecurity Program. April 7, 2022 Available online at https://www.hhs.gov/sites/default/files/lapsus-okta-health-sector-tlpwhite.pdf (26 pp, pdf)