Gareth Corfield reports: A US utility company based in Colorado was hit by a ransomware attack in November that wiped out two decades’ worth of records and knocked out billing systems that won’t be restored until next week at the earliest. The attack was detailed by the Deltca-Montrose Electric Association (DMEA) in a post on…
Category: U.S.
Tulane University crime data breach exposes health records, sexual assault victims’ names
Missy Wilkinson Reports: Health records and names of people who visited Tulane University Medical Center’s emergency department, including for attempted suicide. Graphic information about sexual assaults and the identities of the victims, witnesses and suspects. All this and other sensitive information protected under federal privacy laws was visible to anyone with a Tulane email address…
Suspected Chinese hackers breach more US defense and tech firms
Sean Lyngaas of CNN reports: A suspected Chinese hacking campaign has breached four more US defense and technology companies in the last month, and hundreds more US organizations are running the type of vulnerable software that the attackers have exploited, according to research shared with CNN. The apparent espionage activity, which the National Security Agency…
Welcome surprise: threat actors give victim school district a free decryptor.
On November 23, DataBreaches.net reported that Avos Locker threat actors had added Beaverhead County High School in Montana to their leak site. At the time, this site reported: From their listing, Avos Locker is clearly aware that this is a tiny school district with only a few hundred students and less than two dozen teachers….
NY: Riverhead schools hit by ransomware attack, shutting down computer and tech infrastructure
Alek Lewis reports: The Riverhead Central School District was hit by a ransomware attack this morning, shutting down the district’s computer and technology infrastructure for what officials said could be several days. The district sent out a statement this morning at 8:48 a.m. on their social media alerting parents to what was then described as…
Snatch ransomware team adds health insurer victim to their leak site
In April, CareFirst BlueCross Blue Shield posted a notice on its website concerning a ransomware attack in January. The health plan’s announcement reports that the preliminary assessments suggested that: the attack was limited to CHPDC. Early analysis also indicates that members of other CareFirst BlueCross BlueShield companies, the Federal Employees Program (FEP) and Federal…