The Chronicle reports: The Adna School District was defrauded of $346,000 through what school officials have called a “sophisticated phishing scam,” according to Adna Superintendent Thad Nelson. The district announced the fraud in a detailed email to The Chronicle on Thursday, noting that after the activity was confirmed, the district notified the FBI, the Washington…
Category: Phishing
Russian hackers exfiltrated data from from Capita over a week before outage
Kevin Beaumont writes: Capita have finally admitted a data breach, but still do not think they need to disclose key details of the incident to customers, regulators, impacted parties and investors. So in this piece we shall dig into the details using open source intelligence, and prove Capita was penetrated by Black Basta ransomware group using…
Daggerfly Cyberattack Campaign Hits African Telecom Services Providers
Ravie Lakshmanan reports: Telecommunication services providers in Africa are the target of a new campaign orchestrated by a China-linked threat actor at least since November 2022. The intrusions have been pinned on a hacking crew tracked by Symantec as Daggerfly, and which is also tracked by the broader cybersecurity community as Bronze Highland and Evasive Panda….
Hospitals owned by Universal Health Services start filing breach reports about Adelanto HealthCare Ventures breach in 2021 (Update5)
Happening now: A number of hospitals are filing breach notices this week that appear to be linked to a breach at Adelanto HealthCare Ventures (AHCV) in 2021. The hospitals are all owned by Universal Health Services LLC (UHS). So far, DataBreaches has found McAllen Hospitals, LP d/b/a South Texas Health System, Doctors Hospital of Laredo,…
Norwegian data protection authority fines U.S. firm almost $240,000 for failure to notify within 72 hours
It’s encouraging to see breach notification deadlines taken seriously. The Norwegian Data Protection Authority has imposed a monetary penalty of NOK 2.5 million on Argon Medical Devices for breaching Article 33 (1) of the GDPR. That article requires controllers to notify the regulator of a personal data breach within 72 hours. According to Datatilsynet (the…
Atlanta man sentenced to federal prison in connection with a multi-million dollar international cyber and fraud scheme
There’s an update to a previously reported case: ATLANTA – Christian Akhatsegbe has been sentenced for wire and computer fraud conspiracy, access device fraud, and aggravated identity theft related to a multi-million-dollar cyber-fraud scheme perpetrated through email phishing, credential harvesting, and invoice fraud. His brother, Emmanuel Aiye Akhatsegbe, who is believed to be residing in…