Patrick McArdle reports: One of two Nigerians who admitted to being part of a conspiracy to steal personal information from Vermont state employees and other U.S. residents was sentenced Tuesday in Rutland federal court to time served, or 14 months in jail. Osariemen Isibor, 32, pleaded guilty in U.S. District Court in March to conspiracy…
Category: Phishing
MN: Cyberattackers successfully phish numerous Hennepin County workers’ e-mails
Andy Mannix reports: Cyberattackers have infiltrated e-mail accounts for about 20 Hennepin County employees since late June, and may have accessed the private information of people who rely on the county’s services, county officials revealed Thursday. Using e-mails disguised as pay-raise notifications, a sophisticated phishing scam duped the employees into giving up their login information,…
TX: MedSpring Urgent Care notifies 13,000 patients after phishing attack
As Protenus’s Q-2 report for health data breaches in the U.S. indicates, phishing continues to account for a significant percentage of reported breaches. Here’s another phishing incident recently disclosed to HHS that will be in Protenus’s Q-3 report as affecting 13,034 patients: July 20, 2018 At MedSpring Urgent Care (MedSpring), we take the privacy and…
Three members of notorious “FIN7” criminal ring in custody for attacking more than 100 companies
The Department of Justice announced a stunning arrest today of key players in one of the most damaging threat actors in the last decade. Kudos to all involved in their arrests. You can read the DOJ’s full press release below, but let’s start with a quote from a FIN7 hunter: “FIN7 is the most prolific and…
UnityPoint warns 1.4 million patients their information might have been breached by email hackers
The DesMoines Register reports: One of Iowa’s main hospital and clinic systems has notified about 1.4 million patients that their personal information might have been breached. UnityPoint Health officials said hackers used “phishing” techniques to break into the company’s email system. The company, based in West Des Moines, said the hackers could have obtained medical…
Clark University notifies students of phishing incident
Clark University in Massachusetts began notifying some students whose personal information, including Social Security Numbers, were in an employee’s email account that had been accessed. According to their notification dated July 20, the university’s investigation revealed that an unauthorized individual could have accessed the employee’s email account between March 19 and March 23rd. From the wording…