Add Monroe Public Schools in Michigan to any list you may be keeping of schools hit by ransomware. On January 7, external counsel for the district notified individuals about an incident the district discovered on June 10, 2021 when certain systems and files were encrypted. The district reports that it immediately secured their network and…
Category: U.S.
Grass Valley discloses 2021 data breach
Yesterday, Grass Valley in California announced they had suffered a breach last year. Their disclosure does not say when they first detected any breach, but reports that their investigation determined that unauthorized access had occurred between April 13, 2021 and July 1, 2021. After further investigation, Grass Valley discovered that the unauthorized person transferred files…
FBI: Hackers use BadUSB to target defense firms with ransomware
Sergiu Gatlan reports: The Federal Bureau of Investigation (FBI) warned US companies in a recently updated flash alert that the financially motivated FIN7 cybercriminal group targeted the US defense industry with packages containing malicious USB devices to deploy ransomware. The attackers mailed packages containing ‘BadUSB’ or ‘Bad Beetle USB’ devices with the LilyGO logo, commonly…
Jefferson Surgical Clinic notifies 174,769 about June, 2021 data breach
If a covered entity detects a breach at the beginning of June 2021 but doesn’t notify patients until January 2022, will HHS think this is just fine? What if there was no encryption of data involved? Is it acceptable to take 7 months to notify patients if there are no unusual circumstances or request from…
FinalSite ransomware attack shuts down thousands of school websites
Lawrence Abrams reports: FinalSite, a leading school website services provider, has suffered a ransomware attack disrupting access to websites for thousands of schools worldwide. FinalSite is a software as a service (SaaS) provider that offers website design, hosting, and content management solutions for K-12 school districts and universities. FinalSite claims to provide solutions for over 8,000 schools and…
FlexBooker discloses data breach, over 3.7 million accounts impacted
Ionut Ilascu reports: Accounts of more than three million users of the U.S.-based FlexBooker appointment scheduling service have been stolen in an attack before the holidays and are now being traded on hacker forums. The same intruders are offering databases claiming to be from two other entities: racing media organization Racing.com and Redbourne Group’s rediCASE…