Marianne Kolbasuk McGee reports: Tens of thousands of documents containing personal information of special education students within New York City’s public school system were held in an unsecured database exposed to the internet. Researcher Jeremiah Fowler of security services firm Security Discovery told Information Security Media Group he found the unsecured database in mid-February and…
Category: U.S.
Attack on WB CTC targeted financial info in Skyward system
Update: BlackCat has claimed responsibility for the attack. There’s an update to the data breach affecting Wilkes-Barre Career and Technical Center, previously noted on this site. Mark Guydish reports: Guariglia said the FBI is still investigating and that there is no new information on what happened or who conducted the attack, which appeared to target…
Top of the World Ranch Treatment Center notifies patients after email account compromise
Top of the World Ranch Treatment Center in Illinois has disclosed that a November 17 compromise of a business email account resulted in protected health information being accessible to an attacker. The attack was detected quickly and shut down within hours, and the treatment center’s investigation could not determine if any data was exfiltrated during…
Has Oakland been hit with a second ransomware attack? (1)
As the public knows by now, Oakland, California was hit with a ransomware attack by the Play ransomware gang on February 8, and has been struggling since then to recover. Data from the attack started to be leaked on March 4. Play leaked about 10 GB of files, compressed, and threatened to leak more if…
At least 17 members of Congress had sensitive information exposed in data breach
Scott MacFarlane reports: …The hacking of the DC Health Benefit Exchange Authority data system has triggered at least three investigations and a federal civil lawsuit against the District of Columbia government, CBS News has learned. It has also sent a significant shock through Congress and its staffers. Read more at CBS. It’s a shame if…
After Data Breaches, Lawsuits Hit Two Arkansas Hospitals
Mark Friedman reports: After dealing with the financial effects of COVID-19, hospitals are facing a new threat: lawsuits following cyberattacks. Since January, four lawsuits have been filed against both Howard Memorial Hospital of Nashville and against the Mena Hospital Commission, which operates as the Mena Regional Health System. The lawsuits allege the hospitals were negligent…