Eduard Kovacs reports: According to Danish broadcaster DR, all trains operated by DSB, the largest train operating company in the country, came to a standstill on Saturday morning and could not resume their journey for several hours. While this may sound like the work of a sophisticated threat actor that targeted operational technology (OT) systems in…
Category: Subcontractor
Vodafone Italy discloses data breach after reseller hacked
Bill Toulas reports: Vodafone Italia is sending customers notices of a data breach, informing that one of its commercial partners, FourB S.p.A., who operates as a reseller of the telecommunications services in the country, has suffered a cyberattack. According to the notice, the cyberattack took place in the first week of September and resulted in the compromise of…
Healthcare provider to incarcerated people discloses breach by data security incident by claims processor
Mediko, Inc. has issued a press release concerning an unintended exposure of protected health information by their third-party claims processor, CorrectCare. According to their notice, on July 6, CorrectCare discovered that two file directories on their server had been misconfigured and were exposing files to the public. The investigation subsequently determined that the exposure occurred…
FTC Brings Action Against Ed Tech Provider Chegg for Careless Security that Exposed Personal Data of Millions of Customers
The Federal Trade Commission is taking action against education technology provider Chegg Inc. for its lax data security practices that exposed sensitive information about millions of its customers and employees, including Social Security numbers, email addresses and passwords. Chegg allegedly failed to fix problems with its data security despite experiencing four security breaches since 2017….
NC: UCPS student information made vulnerable due to insufficient security protections by vendor, superintendent says
WBTV Web Staff and Nick Ochsner report: Private information of students at schools districts and charter schools across the state were left vulnerable by a software misconfiguration by a third-party vendor, Union County Public Schools Superintendent Andrew Houlihan told parents in a letter this week. According to the letter, the misconfiguration came after iLeadr, a company used…
Phishing incident may have exposed Seton patient names, clinical information
Jack Dowling reports: A vendor associated with Seton Medical Center in Harker Heights was recently the victim of a phishing incident, according to a news release from the hospital late Friday afternoon. According to the center, an unauthorized agent accessed the email accounts of two of the vendor’s employees. Read more at KDH News.