John Counts reports: Some email accounts of University of Michigan students and staff have been compromised, according to an alert posted on the school’s public safety departmental website Thursday. The alert says that more than 150 people on the system have fallen victim to “phishing emails” this week. People who have clicked on the scam…
Category: Malware
OK: Saint Francis Hospital Gift Shop Acts to Block Payment Card Security Incident
Saint Francis Health System (“Saint Francis”) takes seriously the privacy and confidentiality of the personal information provided to it by visitors to the Saint Francis Hospital gift shop. Regrettably, this notice is about an incident involving some of that information. On March 20, 2015, Saint Francis discovered that an unauthorized person remotely installed malware on the…
After breaches, higher-ed schools adopt two-factor authentication
Ann Bednarz reports: Payday didn’t go as planned on January 2, 2014, for some Boston University employees. On that day, about a dozen faculty members discovered their paychecks hadn’t been deposited into their bank accounts. Thieves had changed the victims’ direct deposit information and rerouted their pay. BU’s IT security team traced the attack to a phishing…
Eataly payment card breach spanned 3 months; NYC customers offered credit monitoring services
Eataly, the high-end Italian food market that announced a payment system breach provided additional details in an update: Eataly NY, LLC (“Eataly”) recently became aware of a personal information security incident possibly affecting certain individuals who made a payment card purchase at the Eataly NYC Retail Marketplace, located at 200 5th Avenue, New York, NY 10010 (the “NYC…
Japan’s pension system hacked, 1.25 million cases of personal data leaked
William Mallard of Reuters reports another breach due to successful phishing of employees: Japan’s pension system has been hacked and more than a million cases of personal data leaked, authorities said on Monday, in an embarrassment that revived memories of a scandal that helped topple Prime Minister Shinzo Abe in his first term in office. Japan…
Locker ransomware author dumps database of private keys, apologizes
Wow. Seen on Pastebin last night: Hi, I am the author of the Locker ransomware and I’m very sorry about that has happened. It was never my intention to release this. I uploaded the database to mega.co.nz containing “bitcoin address, public key, private key” as CSV. This is a dump of the complete database and…