Alex Rose reports: Delaware County District Attorney Jack Stollsteimer announced Friday that an international thief or thieves stole approximately $3 million from the Chester Upland School District last year using a Florida woman as a “money mule,” but said it might have been much worse if not for the intervention of officials with the Department…
Category: Phishing
A huge phishing campaign has targeted over 130 companies, affecting Twilio and Signal
Jess Weatherbed reports: Over 130 organizations, including Twilio, DoorDash, and Cloudflare, have been potentially compromised by hackers as part of a months-long phishing campaign nicknamed “0ktapus” by security researchers. Login credentials belonging to nearly 10,000 individuals were stolen by attackers who imitated the popular single sign-on service Okta, according to a report from cybersecurity outfit Group-IB. Read more…
UAE: Cybercriminal arrested for trying to embezzle Dh2.8 million in phishing scam
Afkar Ali Ahmed reports: The Sharjah Police have arrested a 32-year-old man who tried to embezzle Dh2.8 million after hacking an advertisement company’s bank account. The Asian suspect committed the cyber fraud through phishing, the police said. Lt.-Col. Muhammad bin Haider, acting head of the Buhaira Comprehensive Police Station, said the suspect was arrested within…
How many breaches has Overlake Medical Center & Clinics experienced in the past few years?
In February 2020, Overlake Medical Center and Clinics in Washington State reported a phishing incident in December 2019. More than 109,200 patients were reportedly affected. HHS investigated the incident and wrote a closing note in the file: Overlake Medical Center and Clinics, the covered entity (CE), reported that multiple employees were the victims of an…
Hacker accesses injured workers’ personal info in cyberattack on North Dakota agency
It’s not often we see a breach report from North Dakota. Forum reports: The North Dakota Workforce Safety & Insurance agency was a victim of a cybersecurity attack on June 28 that involved personal data, according to a statement released by WSI on Friday, Aug. 19. According to the statement: A Workforce Safety & Insurance…
Disrupting SEABORGIUM’s ongoing phishing operations
From Microsoft’s Blog: The Microsoft Threat Intelligence Center (MSTIC) has observed and taken actions to disrupt campaigns launched by SEABORGIUM, an actor Microsoft has tracked since 2017. SEABORGIUM is a threat actor that originates from Russia, with objectives and victimology that align closely with Russian state interests. Its campaigns involve persistent phishing and credential theft…