Massachusetts-based Avention, formerly known as OneSource Solutions, is investigating two recent data breaches that may, or may not, be the work of the same criminal(s). In a letter to the New Hampshire Attorney General’s Office, their external counsel provides a chronology of events, beginning with reports by some employees on April 19 that their tax returns had been rejected because…
Category: Phishing
CA: Kern County Superintendent of Schools investigating employee data breach
Justin Burton reports: Employees of Kern Superintendent of Schools have been alerted to a data breach at the organization, 23ABC News has learned. In a note sent to staff members on Monday, Superintendent Christine Lizardi Frazier said the group’s payroll department fell victim to a data phishing scam. A KCSOS spokesman told 23ABC the incident…
Two men charged in Belarus over Penneco Oil theft
AP reports that two men have been charged by authorities in Belarus with receiving $1.35 million stolen from the bank account of Penneco Oil Co. in 2012 in a phishing scheme involving Bugat malware. I expect we’ll see a DOJ release on this later today or tomorrow, and I’ll update this post when it’s available.
Employees at Saint Agnes Medical Center dealing with possibility of identity theft
KFSN reports: Thousands of employees at Saint Agnes Medical Center are dealing with the possibility of identity theft after a security breach. Scammers got the W-2’s of everyone employed by the hospital this week. The breach affected 2,800 employees. Read more on ABC.
Data breach widens at Guilford school district as more employees complain of ID theft
Yes, another phishing scheme, but this one was partially foiled by a sharp employee. Nick McCrea reports: A March data breach at School Administrative District 4 has affected at least 55 employees, according to the Piscataquis County Sheriff’s Department. […] In late March, a district payroll employee received an email that appeared to be from Superintendent…
Was an Alpha Payroll Services employee cruelly fired?
Over on Salted Hash, Steve Ragan commented on the Alpha Payroll Services phishing incident, first reported on Daily Dot. The premise of his article appears to be that the employee who was fired was a victim, too. Steve writes, in part: The employee, victimized by the same person who later victimized Alpha Payroll clients, was fired because…