On October 28, this site noted a report that Washington Central Unified Union School District in Vermont had been the victim of an as-yet-unconfirmed ransomware attack. The district has now issued a notification that makes clear that personal and health information of students and personnel may have been accessed or acquired. Their announcement also indicates…
Category: U.S.
US Defense Contractor Discloses Data Breach
Dark Reading reports: Electronic Warfare Associates (EWA), a US defense contractor, has confirmed a data breach in which attackers exfiltrated files containing personal information. The breach began with a phishing attack that had “some limited impact” on EWA email accounts, officials report in a notification letter. Their investigation determined an attacker broke into EWA email accounts…
What happened, Friday edition
It’s often quite difficult to code incidents for analysis purposes. Consider the following notification’s description of what happened, as one example: Mesa, AZ: November 3, 2021 – Baywood Medical Associates, PLC dba Desert Pain Institute (“DPI”), a health care provider specializing in pain management located in Mesa, Arizona, has become aware of a data security incident…
Cyber Attack Knocks Ohio County Library Computers Offline
Mike Sigov reports: A cybersecurity incident has knocked out the Toledo Lucas County Public Library website and computer systems for the second day in a row, and officials are unsure when service might be restored. Stephanie Elton, the library’s assistant manager of communications, innovation and strategy, said the service outage happened because of a “targeted…
Hacker who posted ‘pwned’ on MIAA website says they hoped to help expose security flaws
Tom Westerholm reports: A hacker who goes by the screen names “netsaosa” and “g0retrance” got into the Massachusetts Interscholastic Athletic Association (MIAA) website on Monday and posted “pwned,” briefly derailing the release of the MIAA’s official statewide brackets for state tournament games. Reporters noted the delay before MassLive.com’s Meredith Perri realized the site was compromised. A pop-up in…
KS: Company that dumped private records in public trash is fined
AP reports: A national company will pay nearly $500,000 in fines for improperly disposing of documents that contained personal information of clients, the Kansas Attorney General’s Office said. Attorney General Derek Schmidt sued SearchTec, which has a satellite office in Kansas, in 2017. Read more on Lexington Herald-Leader. From the Kansas Attorney General’s Office: TOPEKA…