This week, a number of universities were added to CLOP threat actors’ dark web leak site. They appear to be linked to the Accellion breach in December and January. As a reminder, many of Accellion’s clients used a standalone server with Accellion’s software to transfer large files. The attack did not hit Accellion’s clients’ own…
Category: Subcontractor
Update on education sector clients impacted by Blackbaud ransomware incident
I don’t know how he finds the energy to do it, but Marco A. DeFelice (@amvinfe on Twitter) continues to track disclosures involving Blackbaud’s ransomware incident of 2020. He has organized his tabulations by whether the entities are hospitals or educational facitlities, etc. Today he has provided another update to the education sector, in which…
GA: Cyberattack on Cobb schools enabled by contractor’s weak password, police say
Kristal Dixon reports: An attack on the Cobb County School District’s crisis management system that forced all schools into lockdown last month happened because of a weak password, according the police. The password was not created by a school district employee, but a worker with the AlertPoint security system used by the district, police said….
FL: School officials investigate possible breach involving firm they never used
John Henderson reports: Alachua County school officials are investigating whether students’ personal information was compromised after a data breach in a computer system connected to school meal programs. The district notified families of school children Monday that a letter sent out recently by PCS Revenue Control Systems Inc. — a company that handles computer services for reduced lunch programs — is…
UK: Print group hit by cyber attack
Jo Francis reports: It is believed that cyber criminals may be specifically targeting firms that provide support services to financial institutions. Operations at MBA Group, which has sites in London and Warrington, have been affected after the business was subjected to an attack. In a statement, sales director Kevin Stewart said the firm hoped to…
MN: Apple Valley Clinic notifies 157,939 patients about Netgain Technology breach
In November, 2020, cloud IT services provider Netgain Technology LLC experienced a ransomware attack that resulted in them taking some of their data centers offline. In December and January, they began notifying some of their clients. In January, Ramsey County notified 8,700 clients of its Family Health Division about the breach. In February, Woodcreek Provider…