Kat Jerich reports: The nonprofit Center for Internet Security announced this week that it had launched a no-cost ransomware protection service for private hospitals in the United States. The Malicious Domain Blocking and Reporting service, which is already available for public hospitals, health departments and healthcare organizations, uses Enterprise Threat Protector software from the cybersecurity…
Category: U.S.
Hundreds of University of Alabama – Huntsville email accounts compromised through phishing attempts
Anna Mahan reports: Multiple UAH email accounts were compromised through a phishing attempt in January, that’s confirmed by the UAH Office of Information Technology. Some emails impacted did contain personal information such as name, date of birth, or social security number. However, school officials say there was no server or directory impacted and no credit…
Kia denies ransomware attack ‘speculation’ as it recovers from days-long outages
AP reports: Kia Motors America says it’s restoring services crippled by a computer network outage that began Saturday and which apparently affected dealers’ ability to order vehicles and parts and knocked offline a smartphone app that owners use to remotely start and warm up vehicles. Both Kia and affiliated automaker Hyundai Motor America, which reported a less severe IT outage it…
Accellion’s data breach left clients in tough position: pay extortion to criminals, or have their data dumped (with updates)
A breach involving Accellion‘s older file transfer application has left a number of its customers in the unenviable position of not only having a data breach to deal with, but with the added threat that their data and their clients’ data will be dumped by threat actors if they do not pay extortion demands. At…
UPDATED: California DMV halts data transfers with third-party company after Automatic Funds Transfer Services security breach
Update: As BleepingComputer reports, the AFTS attack appears to be the work of the Cuba ransomware threat actor(s) who claim to have exfiltrated “Financial documents, correspondence with bank employees, account movements, balance sheets, tax documents.” They offer to sell the data on their dedicated leak site on the dark web, but do not list any…
MN: School district employees falls for phishing attack; W-2 forms of 677 employees now compromised
David Colburn reports: REGIONAL- ISD 2142 fell prey to a common online phishing scheme on Feb. 4 when a scammer posing as Superintendent Reggie Engebritson used a fraudulent email to obtain the W-2 forms of 677 district employees. Engebritson sent a letter to staff the same day, informing them of the data breach. Read more…