In what seems like a mind-boggling OPSEC #FAIL, a U.K. man associated with thedarkoverlord allegedly used his real details to create bank accounts as well as to open email accounts, phone numbers, vpn, Twitter, and PayPal accounts that thedarkoverlord used as part of its operations to hack and extort victims. For a group that signed…
Category: Hack
OR: Klamath County Veterans Service Office Provides Notice of Data Security Incident
On January 2, 2019, Klamath County notified individuals that their personal information was affected by a Veterans Service Office data security incident. On September 19, 2019, the Klamath County IT Department became aware of unusual activity of one of its Veterans Service Office employee’s email accounts. Klamath County immediately launched an investigation and determined that the Veterans Service Office employee’s email…
School software vendor Active Network suffers data breach
Doug Olenick reports that Active Network’s Blue Bear Software platform reported that unauthorized activity in its network in October resulted in customer PII being exposed. The company reported the issue to the California Attorney General’s office stating it recently became aware that between Oct. 1, 2019 and Nov. 13, 2019 there was illegal activity taking place on…
Ghosts in the Clouds: Inside China’s Major Corporate Hack
Rob Barry and Dustin Volz report: The hackers seemed to be everywhere. In one of the largest-ever corporate espionage efforts, cyberattackers alleged to be working for China’s intelligence services stole volumes of intellectual property, security clearance details and other records from scores of companies over the past several years. They got access to systems with…
CO: Aurora Water announces data breach involving Click2Gov payment system
Author: Janet Oravetz reports: Personal information of some Aurora Water customers, such as names, card numbers and expiration dates, may have been compromised through a data breach, according to the city’s water department. The department made an announcement about the security incident on Monday and said customers who used the Click2Gov payment system to make one-time…
As 2019 draws to a close, some entities are taking harder look at storing PHI in employee email accounts
Okay, so two exemplars doesn’t prove any kind of trend, but I’m glad to see some entities now taking steps to reduce how much PHI is stored in employee email accounts. Here are two recent incidents, both reported to HHS in December: Healthcare Administrative Partners (HAP) is a Pennsylvania-based business associate under HIPAA. On December…