IC3.gov PIN 20220914-001 14 September 2022 TLP: WHITE Summary The FBI has received multiple reports of cyber criminals increasingly targeting healthcare payment processors to redirect victim payments. In each of these reports, unknown cyber criminals used employees’ publicly-available Personally Identifiable Information (PII) and social engineering techniques to impersonate victims and obtain access to files, healthcare…
Category: Subcontractor
Kansas school district pulls messaging app after data breach
KWCH reports: Andover Public Schools said it has pulled the popular messaging app, Seesaw after the app was hacked. According to the Seesaw website, the app is used by 10 million teachers, students and family members, but the company declined to say how many users were affected by the hack. In a letter to parents,…
Breach of software maker used to backdoor ecommerce servers
Dan Goodin reports: FishPig, a UK-based maker of e-commerce software used by as many as 200,000 websites, is urging customers to reinstall or update all existing program extensions after discovering a security breach of its distribution server that allowed criminals to surreptitiously backdoor customer systems. The unknown threat actors used their control of FishPig’s systems…
KeyBank: Hackers of third-party provider stole customer data
Frank Bajak reports: Hackers stole personal data including Social Security numbers, addresses and account numbers of home mortgage holders at KeyBank, the bank reports, in the breach of a third-party vendor that serves multiple corporate clients. The hackers obtained the information on July 5 after breaking into computers at the insurance services provider Overby-Seawell Company,…
Medical billing service in Florida one of the latest victims of ransomware attacks
Add NCG Medical to business associates who a ransomware attack has compromised. The medical billing service in Florida was added to the Hive ransomware group’s leak site on August 31, with Hive claiming that they encrypted NCG’s files on August 19. The 12-day gap between encryption and publicly revealing the attack is a relatively short…
Edfinancial and OSLA student loan account registration info hacked in Nelnet breach; 2.5 million affected
Many student loan borrowers caught a huge break this week with government forgiveness of some student loan debt. But for 2.5 million student loan borrowers, the week also brought news of a breach of their contact information and Social Security numbers. Nelnet Servicing in Nebraska provides technology services to EdFinancial and OSLA, including portals that…