Annie Massa reports: Robinhood Markets Inc. said personal information of about 7 million people — or roughly a third of its customers — was compromised in a data breach last week and that the culprit demanded payment. The intruder obtained email addresses of about 5 million people as well as full names for a separate group…
Category: U.S.
US seizes $6 million in ransom payments and expected to charge Ukrainian over major REvil cyberattack
Christina Carrega and Sean Lyngaas report: Law enforcement officials have seized an estimated $6 million in ransom payments, and the US Justice Department is expected to announce Monday that it has charged a suspect from Ukraine over a damaging July ransomware attack on an American company in a breakthrough for the Biden administration’s pursuit of cybercriminals, CNN…
Update on impact of the Washington Central Unified Union School District ransomware attack
On October 28, this site noted a report that Washington Central Unified Union School District in Vermont had been the victim of an as-yet-unconfirmed ransomware attack. The district has now issued a notification that makes clear that personal and health information of students and personnel may have been accessed or acquired. Their announcement also indicates…
US Defense Contractor Discloses Data Breach
Dark Reading reports: Electronic Warfare Associates (EWA), a US defense contractor, has confirmed a data breach in which attackers exfiltrated files containing personal information. The breach began with a phishing attack that had “some limited impact” on EWA email accounts, officials report in a notification letter. Their investigation determined an attacker broke into EWA email accounts…
What happened, Friday edition
It’s often quite difficult to code incidents for analysis purposes. Consider the following notification’s description of what happened, as one example: Mesa, AZ: November 3, 2021 – Baywood Medical Associates, PLC dba Desert Pain Institute (“DPI”), a health care provider specializing in pain management located in Mesa, Arizona, has become aware of a data security incident…
Cyber Attack Knocks Ohio County Library Computers Offline
Mike Sigov reports: A cybersecurity incident has knocked out the Toledo Lucas County Public Library website and computer systems for the second day in a row, and officials are unsure when service might be restored. Stephanie Elton, the library’s assistant manager of communications, innovation and strategy, said the service outage happened because of a “targeted…