Graham Cluley reports: New research has revealed that business email compromise is being made easier for any criminal to add to their arsenal. Researchers at threat intelligence firm Digital Shadows report that companies don’t even need to be hacked to spill their address books and email archives. Careless backups of email archives on publicly-accessible rsync,…
Category: Phishing
Aspire Health hacked by phishing scheme, lost ‘protected health information’
Brett Kelman reports: Aspire Health, a large Nashville health care company that offers in-home treatment in 25 states, was hacked earlier this month and lost at least some patient information to an unknown cyberattacker. The hack, disclosed for the first time in federal court records filed on Tuesday, occurred after a phishing attack gained access to…
Guardant Health to Notify HHS & 1,100 individuals of phishing attack that involved PHI
Omar Ford reports: Liquid Biopsy specialist, Guardant Health faced a cybersecurity attack about two months ago, according to an SEC filing for the firm’s initial public offering. The Redwood City, CA-based company said that private information from about 1,100 individuals was compromised. “In July 2018, we experienced a security incident involving a phishing attack, and…
#Celebgate Phisher Who Hacked into More Than 225 Apple iCloud Accounts Sentenced to Prison
John H. Durham, United States Attorney for the District of Connecticut, announced that GEORGE GAROFANO, 26, of North Branford, was sentenced today by U.S. District Judge Victor A. Bolden in Bridgeport to eight months of imprisonment, followed by three years of supervised release, for engaging in a phishing scheme that gave him illegal access to…
Second Nigerian sentenced for phishing scam
Patrick McArdle reports: One of two Nigerians who admitted to being part of a conspiracy to steal personal information from Vermont state employees and other U.S. residents was sentenced Tuesday in Rutland federal court to time served, or 14 months in jail. Osariemen Isibor, 32, pleaded guilty in U.S. District Court in March to conspiracy…
MN: Cyberattackers successfully phish numerous Hennepin County workers’ e-mails
Andy Mannix reports: Cyberattackers have infiltrated e-mail accounts for about 20 Hennepin County employees since late June, and may have accessed the private information of people who rely on the county’s services, county officials revealed Thursday. Using e-mails disguised as pay-raise notifications, a sophisticated phishing scam duped the employees into giving up their login information,…