Here’s another k-12 data security incident that does not appear to have made news or to have been revealed on a school district’s website (at least as far as DataBreaches.net can determine): On behalf of Spotswood Public Schools in New Jersey, Baker & Hostetler notified the Maine Attorney General’s Office that Spotswood experienced a ransomware…
Category: Malware
Episcopal Retirement Services suffered two ransomware attacks in a one-month period
It’s bad enough experiencing one ransomware attack. Imagine experiencing two, because that’s what Episcopal Retirement Services (ERS) in Ohio has been dealing with. On or about September 24, ERS discovered that i had been the victim of what it describes as a cyberattack that impacted its systems and servers. Then on October 22, they experienced…
[Conti] Ransomware Group In-Depth Analysis
PRODAFT Threat Intelligence (PTI) Team has obtained valuable insights on the inner workings of the Conti ransomware group. The PTI team accessed Conti’s infrastructure and identified the real IP addresses of the servers in question. This report provides unprecedented detail into the way the Conti ransomware gang works, how they select their targets, how many…
Update: Eskenazi patients receive letter in the mail alerting them of cyber security breach 6 months ago
Bianca Reyes has an update on the Eskenazi ransomware incident that this site has been reporting on since August: Roughly three months after Eskenazi Health released a statement announcing a cyber security breach that compromised personal data, some patients are just now receiving that news in the mail. According to this release posted last month, Eskenazi…
Officials confirm patient data stolen in N.L. cyberattack
CBC News reports: Officials have confirmed that personal information of medical patients in Newfoundland and Labrador has been stolen in the cyberattack that has wreaked havoc on the provincial health-care system for over two weeks. While speaking with reporters on Monday, Justice Minister John Hogan said it was his understanding that both patient and employee…
Critical Infrastructure Protection: Education Should Take Additional Steps to Help Protect K-12 Schools from Cyber Threats
GAO-22-105024 Published: Oct 13, 2021. Publicly Released: Nov 12, 2021. Highlights from the government report: What GAO Found Federal guidance, such as the National Infrastructure Protection Plan (National Plan), specify the roles and responsibilities of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the Department of Education’s Office of Safe and Secure…