You may see a number of hospitals and covered entities issuing statements this week about a data security incident involving Med-Data (Med-Data, Incorporated). So far, Memorial Hermann, U. of Chicago, Aspirus, and OSF Healthcare have posted notices. Others should be or may be posting soon. Here’s DataBreaches.net’s exclusive report on the incident. Another Day, Another…
Category: U.S.
University of Maryland, Baltimore responds to Accellion breach
This week, a number of universities were added to CLOP threat actors’ dark web leak site. They appear to be linked to the Accellion breach in December and January. As a reminder, many of Accellion’s clients used a standalone server with Accellion’s software to transfer large files. The attack did not hit Accellion’s clients’ own…
Man charged for hacking Kansas water utility with intent to harm public
Catalin Cimpanu reports: The US Department of Justice has indicted today a Kansas man on charges of hacking into the computer system of a local water utility and trying to sabotage water processing operations with the intent to harm the local public. According to court documents, the incident took place on March 27, 2019, and…
GA: Cyberattack on Cobb schools enabled by contractor’s weak password, police say
Kristal Dixon reports: An attack on the Cobb County School District’s crisis management system that forced all schools into lockdown last month happened because of a weak password, according the police. The password was not created by a school district employee, but a worker with the AlertPoint security system used by the district, police said….
Whistleblower: Ubiquiti Breach “Catastrophic”
Brian Krebs reports: On Jan. 11, Ubiquiti Inc. [NYSE:UI] — a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders and security cameras — disclosed that a breach involving a third-party cloud provider had exposed customer account credentials. Now a source who participated in the response to that breach alleges Ubiquiti…
FL: School officials investigate possible breach involving firm they never used
John Henderson reports: Alachua County school officials are investigating whether students’ personal information was compromised after a data breach in a computer system connected to school meal programs. The district notified families of school children Monday that a letter sent out recently by PCS Revenue Control Systems Inc. — a company that handles computer services for reduced lunch programs — is…