Symantec reports: A previously undocumented attack group is using both custom and off-the-shelf malware to target IT providers in Saudi Arabia in what appear to be supply chain attacks with the end goal of compromising the IT providers’ customers. The group, which we are calling Tortoiseshell, has been active since at least July 2018. Symantec…
Category: Subcontractor
Secret Service Investigates Breach at U.S. Govt IT Contractor
Brian Krebs reports: The U.S. Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned. The contractor claims the access being auctioned off was to old test systems that do not have direct connections…
Undisclosed number of Boy Scouts and their parents had their information exposed by Trails End
Katie Peralta reports: A partner of the Boy Scouts of America inadvertently exposed the personal information of children and their parents last month. What happened: Boy Scouts nationwide sell popcorn to raise funds for activities like camping trips — just like Girl Scouts sell cookies. To facilitate the sales process, Boy Scouts of America uses…
Update on Pearson Breach: Parent Files Class-Action Suit After Data Breach Exposes Nearly 1 Million Schoolchildren’s Personal Information
CBS reports: A mother filed a federal class-action lawsuit on her daughter’s behalf Thursday, after nearly a million students nationwide had their personal information exposed in a data breach by a company used to track student academic progress. The Indian Prairie School District 204 in Naperville was among the academic districts affected. The woman, identified…
122,000 Providence Health Plan customers may be affected by data breach at Dominion National
Ted Sickinger reports: The personal information of as many as 122,000 customers of Providence Health Plan’s dental program in Oregon may have been compromised in a security breach at the program’s administrator, Virginia-based Dominion National. Read more on OregonLive. While 122,000 is a lot of patients potentially affected, it could have been worse if Providence…
Ransomware attack impacts hundreds of dental offices
Cassidy Williams reports: Hundreds of dental offices across the country were targeted in a ransomware attack. PerCSoft, IT company that was attacked, is based out of West Allis. It wasn’t immediately clear whether patient data, including Social Security numbers, was compromised. Read more on Fox6. As Catalin Cimpanu reported on ZDNet, PerCSoft collaborated with The…