In September, 2020 Fairfax County Public Schools in Virginia was hit with Maze ransomware.The attack was announced on Maze’s dedicated leak site in early September, and after multiple queries by this site, FCPS issued a statement confirming that they had been attacked. One month later, the threat actors started dumping some data on their leak…
Category: U.S.
In a year of supply-chain attacks, do you have your business associate agreements in place?
I recently came across a breach report that is a useful reminder of the value of ensuring that business associate agreements (BAA) are in place, and that compliance with the agreements is assessed regularly. In this instance Humana, a health plan, reported that on December 22, they were notified by a business associate that an…
AZ: City of Kingman government computer system hit by cyberattack
abc15 reports: Local and federal authorities are working with the City of Kingman after the city’s government computer system was targeted by a cyberattack. According to a Sunday release from spokeswoman Colleen Haines, the city became aware of the attack “throughout the entire computer system” on Friday. The FBI, Department of Homeland Security, and Arizona…
Some San Diegans’ personal information provided to Jewish Family Service exposed online
Morgan Cook reports: Jewish Family Service of San Diego, a prominent nonprofit aid organization, exposed thousands of messages, some with identifying information from people seeking help with everything from paying rent to escaping abusive relationships. The social-services charity, which helps people in crisis regardless of their faith, learned of the data breach Monday night, after…
Universal Health Services lost $67 million in cyberattack recovery
Ginger Christ reports: Universal Health Services said Thursday that the company lost $67 million in the second half of 2020 as a result of a September cyberattack. The Sept. 29 malware attack caused King of Prussia, Pa.-based UHS to temporarily take all of its U.S. information technology networks offline, including systems for medical records, laboratories and pharmacies. Servers…
The Jones Day dump contains prescription drug records. Who’s notifying those patients of the breach?
By now, many are aware that Jones Day, a giant law firm, had some of its files stolen due to vulnerabilities in the standalone file transfer administration system by Accellion. Jones Day is one of dozens of Accellion clients that have found themselves investigating and dealing with breaches affecting their businesses and clients. The Jones…