In September, DataBreaches.net reported that Maze threat actors claimed to have attacked an Ohio public school district, but the district was not responding to inquiries from this site about the claims. One month later, this site named the district as Toledo Public Schools and reported that while Maze had dumped files with student and employee…
Category: Malware
Sophisticated hackers snuck sleeper malware into nearly 30,000 Macs
Sean Hollister reports: There’s a popular stereotype that Apple’s computers are largely immune to malware. Not only is is that incorrect, it appears that sophisticated hacker(s) might have been toying with the idea of a heist or drop nasty enough they’d have needed to cover their tracks. As Ars Technica reports, security researchers at Malwarebytes and Red Canary discovered…
SG: Undertaking by StarMed Specialist Centre Pte Ltd
The Personal Data Protection Commission of Singapore announced a new undertaking this week. The incident that led to the investigation was a ransomware attack on a medical entity, and findings included that the entity had left RDP open and had weak login credentials, among other concerns. The undertaking was to get them to harden their…
Update to Chatham County ransomware attack
There’s an update to a previously reported ransomware attack by DoppelPaymer threat actors on Chatham County, North Carolina. Read the update in Courier-Tribune. They report that the ransomware entered the county network through a phishing email with a malicious attachment. In related news, the News & Observer reports that the ransom demand had been worth…
Underwriters Laboratories (UL) certification giant hit by ransomware
Lawrence Abrams reports: UL LLC, better known as Underwriters Laboratories, has suffered a ransomware attack that encrypted its servers and caused them to shut down systems while they recover. […] BleepingComputer has learned that UL suffered a ransomware attack last weekend that encrypted devices in their data center. Read more on BleepingComputer.
Kroger reports Accellion data breach affecting pharmacy records, associate HR data
Updated March 9: This incident subsequently appeared on HHS’s public breach tool as having been reported to HHS on February 19 and impacting 368,100 patients. Brian Planalp reports: Kroger is informing some customers and associates that a third-party software company it uses for data services recently suffered a data breach. Kroger’s own IT systems were not…