Bill Toulas reports: A regional U.S. government agency compromised with LockBit ransomware had the threat actor in its network for at least five months before the payload was deployed, security researchers found. Logs retrieved from the compromised machines showed that two threat groups had compromised them and were engaged in reconnaissance and remote access operations….
Category: U.S.
Update to Christie Clinics breach disclosure
On March 25, Christie Business Holdings Company, P.C. (“Christie Clinic”) disclosed a breach. As DataBreaches.net reported the next day, the clinic reported that an unauthorized actor had gained access to one business email account between July 14, 2021 and August 19, 2021. Christie’s investigation indicated that the intent of the attacker may have been to…
NYS Comptroller releases more school district IT Audits
Readers may want to read the full LaFargeville report, linked below, because it provides information to school districts about best practices and recommendations for how to accomplish certain security goals. LaFargeville Central School District – Information Technology (Jefferson County) Key Findings District officials did not establish adequate IT controls over physical IT assets and non-student user…
TN: Humphreys County sheriffs arrest two for forgery, identity theft, outstanding felony warrants
Darby McCarthy reports: Early Saturday morning, Humphreys County Sheriff’s Office Patrol Team B Nights arrested Letia Leco of Camden and Richard Flowers of Jackson on charges of forgery, identity theft and outstanding felony warrants from multiple jurisdictions. Leco and Flowers were found at a hotel in Buffalo with several hundred forged commercial bank checks, over…
Federal Court Dismisses Data Breach Litigation
The following news item refers to litigation related to a data leak discovered by Dutch researcher Jelle Ursem that was reported in collaboration with DataBreaches.net. Shing Tse and Kristin L. Bryan of Squire Patton Boggs write: Recently, a federal court in Kansas joined a number of other courts in finding that allegations of future, speculative harm unadorned…
WI: Black River Falls School District closed Friday after cyberattack
WKBT reports: The Black River Falls School District canceled all classes Friday because of an incident involving unauthorized access to the district’s IT network. Superintendent Shelly Severson sent an email to parents Thursday night saying that student record system is unavailable, and the district has no access to attendance, medication records, family contact information, or…