Saint Francis Health System (“Saint Francis”) takes seriously the privacy and confidentiality of the personal information provided to it by visitors to the Saint Francis Hospital gift shop. Regrettably, this notice is about an incident involving some of that information. On March 20, 2015, Saint Francis discovered that an unauthorized person remotely installed malware on the…
Category: Malware
After breaches, higher-ed schools adopt two-factor authentication
Ann Bednarz reports: Payday didn’t go as planned on January 2, 2014, for some Boston University employees. On that day, about a dozen faculty members discovered their paychecks hadn’t been deposited into their bank accounts. Thieves had changed the victims’ direct deposit information and rerouted their pay. BU’s IT security team traced the attack to a phishing…
Eataly payment card breach spanned 3 months; NYC customers offered credit monitoring services
Eataly, the high-end Italian food market that announced a payment system breach provided additional details in an update: Eataly NY, LLC (“Eataly”) recently became aware of a personal information security incident possibly affecting certain individuals who made a payment card purchase at the Eataly NYC Retail Marketplace, located at 200 5th Avenue, New York, NY 10010 (the “NYC…
Japan’s pension system hacked, 1.25 million cases of personal data leaked
William Mallard of Reuters reports another breach due to successful phishing of employees: Japan’s pension system has been hacked and more than a million cases of personal data leaked, authorities said on Monday, in an embarrassment that revived memories of a scandal that helped topple Prime Minister Shinzo Abe in his first term in office. Japan…
Locker ransomware author dumps database of private keys, apologizes
Wow. Seen on Pastebin last night: Hi, I am the author of the Locker ransomware and I’m very sorry about that has happened. It was never my intention to release this. I uploaded the database to mega.co.nz containing “bitcoin address, public key, private key” as CSV. This is a dump of the complete database and…
Small businesses trashed in big “Grabit” malware campaign
Darren Pauli reports: Kaspersky researcher Ido Noar says attackers have hit hundreds of small and medium businesses, stealing credentials and documents in a noisy smash-and-grab campaign. Noar says criminals have stolen some 10,000 documents from nanotechnology, education, and media outfits in an attack that foists a newly-discovered strain of malware called “Grabit”. Read more on…