Dan Goodin reports: Already smarting from a breach that put partially encrypted login data into a threat actor’s hands, LastPass on Monday said that the same attacker hacked an employee’s home computer and obtained a decrypted vault available to only a handful of company developers. Although an initial intrusion into LastPass ended on August 12,…
Category: U.S.
Social engineering attack on Boston labor union results in $6.4 million loss
AP reports: A cyberattack on a Boston-based labor union’s health fund resulted in the loss of $6.4 million, but it does not appear that the personal information of members was stolen or compromised, union officials said. Federal and local law enforcement agencies were notified of the attack at Pipefitters Local 537 that was discovered Feb….
Dish hit by multiday outage after reported cyberattack
Carly Page reports: U.S. satellite television provider Dish is experiencing a multiday outage after a reported cyberattack, with customers unable to access streams, services or their accounts. The disruption began early on Thursday when Dish customers said they could not access their television services or pay their bills. The outage appears to affect Dish’s main…
Thousands of Asian Texans targeted in driver’s license breach
Lauren McGaughy and Allie Morris report: The state shipped thousands of Texas driver licenses to an international organized crime group in a security lapse that is still under investigation, Department of Public Safety Chief Steve McCraw said Monday. The Department of Public Safety has identified at least 3,000 Texans who have been affected and is…
GSA not tapping data on unauthorized access attempts at federal facilities, report says
Chris Riotta reports: The General Services Administration is failing to act on data linked to access cards used to enter federal facilities, according to a new oversight report. A two-year audit conducted between 2020 and 2022 revealed over 32,000 failed access attempts at GSA-managed facilities, the Office of Inspector General report said, possibly indicating attempts to gain…
6 Class Actions: Lawyers Across the Country Move Quickly After Hospital Data Breach
Charles Toutant reports: A New Jersey hospital has been hit with six class action suits after hackers obtained patient information in a data breach. CentraState Medical Center allegedly failed to take adequate precautions to prevent such attacks, and then compounded the error by waiting six weeks to notify plaintiffs and class members about the breach,…