Christopher White writes: A clergy abuse victim who participated in the Philadelphia Archdiocese’s independent compensation program for survivors is alleging that the confidentiality of nearly 50 other victims was compromised when the program administrator mistakenly sent the individual an email in 2019 with the names of participants from another diocese’s program. Since October 2016, Kenneth…
Category: Miscellaneous
SANS infosec training org suffers data breach after phishing attack
Lawrence Abrams reports: The SANS cybersecurity training organization has suffered a data breach after one of their employees fell victim to a phishing attack. […] In a notification posted to their site today, SANS states that one of their employees fell for a phishing attack that allowed a threat actor to gain access to their…
Hacking medical devices to hijack secure facilities
Fahmida Y. Rashid reports: People entering secure facilities—such as those found in military, security, and government agencies—are often asked to hand over their connected devices such as fitness trackers and smartphones. Those devices are stored in secure lockers and then returned when their owners leave the facility. All this is done in the name of…
Scholarship America notifies individuals of breach
There have been so many Blackbaud-related security notifications that my first thought was that one by Scholarship America would be more of the same. But it’s not. It’s another hack involving Microsoft Office 365 accounts, which has been a growing problem this year. From their press release yesterday: – Scholarship America, a nonprofit organization that manages…
UK Dentists May Have Had Bank Details Stolen Following Data Breach
When I saw the ransomware attack on the British Dental Association noted on a Russian-language forum, I didn’t think too much about it. After all, it was just another professional organization or guild organization, right? Maybe I should have paid more attention because the organization may have stored more personal and sensitive information that I…
Russian hackers suspected in Covid-19 vaccine intellectual property theft, report says
Alaric Dearment reports: Computer hackers “almost certainly” part of Russian intelligence services have a new target: Covid-19 vaccine development efforts. In a report Thursday, the U.K.’s National Cyber Security Centre and Canada’s Communications Security Establishment said that the hacker group APT29, also known as “Cozy Bear” and “The Dukes,” had been targeting various organizations involved with Covid-19…