BOSTON — A Georgia-based home health and hospice care company will pay $425,000 after it failed to implement proper security measures to protect the personal information of patients and employees, Attorney General Maura Healey announced today. The complaint and consent judgment against Aveanna Healthcare, LLC, entered today in Suffolk Superior Court, follows a series of phishing attacks that impacted more than…
Category: Phishing
Dropbox admits 130 of its private GitHub repos were copied after phishing attack
Simon Sharwood reports: Dropbox has said it was successfully phished, resulting in someone copying 130 of its private GitHub code repositories and swiping some of its secret API credentials. The cloud storage locker on Tuesday detailed the intrusion, and stated “no one’s content, passwords, or payment information was accessed, and the issue was quickly resolved.” Read more…
Twitter’s verification chaos is now a cybersecurity problem
Zack Whittaker reports: Cybercriminals are already capitalizing on Twitter’s ongoing verification chaos by sending phishing emails designed to steal the passwords of unwitting users. The phishing email campaign, seen by TechCrunch, attempts to lure Twitter users into posting their username and password on an attacker’s website disguised as a Twitter help form. Read more at TechCrunch.
Employees Report Boss’ Email as Scam After Being Forced to Watch 2-Hour Seminar on Phishing Scams
From Cheezburger: The only thing worse than getting your massive pile of work interrupted by one of those company-wide hours-long mandatory seminars is having to do the seminar twice. After completing one such seminar about how to spot an email phishing scam, one employee received an email from their “IT director” that included a link, which…
Bed Bath & Beyond reviewing possible data breach (UPDATED)
Reuters reports: Bed Bath & Beyond Inc said on Friday a third party had this month improperly accessed its data through a phishing scam by accessing the hard drive and certain shared drives of one of its employees. The big-box retailer said it was reviewing the data that was accessed so it can determine whether…
AU: Police called after SA Liberal Party caught up in alleged data breach
Angie Raphael reports: Police are investigating an alleged major data breach involving the private details of about 2000 members of the South Australian Liberal Party. Detectives are investigating allegations party officials were impersonated, with names, addresses, phone numbers and other data allegedly stolen. In an email to members on Friday, the party said it “recently…