Mark Fowser reports: Worcester County has discovered a breach of the county government email account which contained limited personal information belonging to about 3,000 government and board of education employee and retiree accounts. Cybersecurity professionals discovered the breach while conducting a forensic investigation into a phishing incident that occurred between November 10th and November 20th,…
Category: Phishing
New York dental insurer reports phishing incident, French hospital group hit in ransomware incident
Healthplex, Inc. in New York provides dental insurance plans. On November 24, 2021, an employee reportedly fell for a phishing attempt. As a result, the insurer notified 76,262 of their insured members whose personal information may have been impacted. They do not make clear whether their investigation confirmed access and exfiltration or just access, so…
Growing Number of Contra Costa Community College District Email Accounts Compromised By Phishing Attack
Takeshi Kawata reports: Over the past month, Contra Costa Community College District (4CD) students and faculty have been inundated with phishing emails from compromised student and employee accounts, according to the district. The vast majority of phishing emails contain links to forms that request individuals’ personal information. The recent outbreak of scam emails is the…
Fake Phishing Email Sent by Oregon Health and Sciences University to Gauge Employee Gullibility Draws Sharp Criticism from Labor Union
Sophie Peel reports: An email sent by Oregon Health and Sciences University on April 12 to all its employees advertised a program offering up to $7,500 aid to employees struggling with finances due to the pandemic. It asked recipients to click a link. The link, when clicked, routed to a page that said no financial…
Details on the Weatherford ISD data breach
DataBreaches.net has received the following statement from Charlotte LaGrone, Executive Director of Communications for Weatherford ISD, concerning the breach DataBreaches.net reported yesterday: Weatherford ISD Statement on Data Breach The confidentiality, privacy, and security of information in our care is one of our highest priorities. Despite multiple layers of processes and procedures to prevent a data…
Fake Trezor data breach emails used to steal cryptocurrency wallets
Lawrence Abrams reports: A compromised Trezor hardware wallet mailing list was used to send fake data breach notifications to steal cryptocurrency wallets and the assets stored within them. Trezor is a hardware cryptocurrency wallet that allows you to store your crypto assets offline, rather than using cloud-based wallets or wallets stored on your PC that…