Update of June 15: For updates on this incident, your best resource is Kristal Kuykendall and THE Journal . Hats off to Kristal Kuykendall and THE Journal for tracking the Illuminate Education breach. Kykendall reports: The breach of student data that occurred during a January 2022 cyberattack targeting Illuminate Education’s systems is now known to have…
Category: Subcontractor
Battelle for Kids ransomware attack compromised records of 560,000 Chicago Public School students, employee
Nader Issa and Lauren FitzPatrick report: A massive data breach has exposed four years’ worth of records of almost 500,000 Chicago Public Schools students and nearly 60,000 employees, district officials told principals Friday. The attack targeted a company that has a no-bid contract with the district for teacher evaluations and involved basic student and staff…
2022 DSIR Deeper Dive: Vendor Incidents
Stefanie Ferrari of BakerHostetler writes: Vendor-caused incidents continued to surge in 2021. Nearly 20 percent of the total incidents we handled last year were caused by vendors, with more than half requiring notification. As in prior years, vendor incidents involved phishing schemes and inadvertent disclosures but primarily resulted from ransomware attacks on the vendors’ systems….
Cyberattack at Opus Interactive knocks Ruby Receptionists offline, disrupting service for thousands
Mike Rogoway reports: Ruby Receptionists, the Portland company that serves as a phone receptionist for thousands of small businesses, has suffered a major outage that knocked it offline all week. One of Ruby’s online vendors was hit by a cyberattack that left the company unable to accept any incoming calls or online messages, CEO Kate…
Omnicell reveals ransomware incident in SEC filing
From their May 9 10-Q filing: Our IT systems and third-party cloud services are potentially vulnerable to cyber-attacks, including ransomware, or other data security incidents, by employees or others, which may expose sensitive data to unauthorized persons. On May 4, 2022, we determined that certain of our information technology systems were affected by ransomware impacting…
Cyber attack prompts security response by Oregon secretary of state
KTVZ reports: A ransomware attack on a campaign finance firm has prompted the Oregon Elections Division to require that 1,100 users of the state’s online campaign contribution reporting system change their passwords, but Sectary of State Shemia Fagan stressed late Monday that the agency’s systems have not been hacked. […] The Oregon Elections Division learned…