Oops — I missed this one last week. George W. Rhodes reported: The computer system of a Mansfield company that does background checks for employers was hacked and the perpetrators got away with the personal information of 164,000 people. Creative Services Inc., located on Pratt Street, was hit by hackers in November, according to The…
Category: U.S.
FBI: Ransomware hit 649 critical infrastructure orgs in 2021
Sergiu Gatlan reports: The Federal Bureau of Investigation (FBI) says ransomware gangs have breached the networks of at least 649 organizations from multiple US critical infrastructure sectors last year, according to the Internet Crime Complaint Center (IC3) 2021 Internet Crime Report. However, the actual number is likely higher given that the FBI only started tracking…
Indiana Amends Breach Notification Law to Require Notification Within 45 Days
Linn Foster Freedman of Robinson + Cole writes: Indiana has amended its breach notification law to require entities to notify individuals “without unreasonable delay, but not more than forty-five (45) days after the discovery of the breach.” It clarifies that a delay is “reasonable” if it is: “(1) necessary to restore the integrity of the…
Morgan Stanley client accounts breached in social engineering attacks
Sergiu Gatlan reports: Morgan Stanley Wealth Management, the wealth and asset management division of Morgan Stanley, says some of its customers had their accounts compromised in social engineering attacks. The account breaches were the result of vishing (aka voice phishing), a social engineering attack where scammers impersonate a trusted entity (in this case Morgan Stanley) during a…
Even More Patient Data May Have Been Stolen in 2021 Ransomware Attack: Scripps Health
Artie Ojeda reports: Almost one year after a devastating ransomware attack on Scripps Health, patients have received a letter advising additional personal information may have been compromised. NBC 7 obtained a copy of the letter dated March 15. It references the cyberattack that occurred between April 26, 2021, and May 1, 2021. Read more at…
Okta’s response to Lapsus$’s claimed hack has people asking, “Why didn’t you tell us in January?”
Yesterday was not a great day for Okta. Their CSO, David Bradbury, issued a statement responding to Lapsus$’s claimed hack, but his statement led to a counter-response by Lapsus$ and even more critically, perhaps, people started asking why, if Okta knew about something in January, they had not disclosed it then. First, here’s Bradbury’s statement:…