Update: As BleepingComputer reports, the AFTS attack appears to be the work of the Cuba ransomware threat actor(s) who claim to have exfiltrated “Financial documents, correspondence with bank employees, account movements, balance sheets, tax documents.” They offer to sell the data on their dedicated leak site on the dark web, but do not list any…
Category: U.S.
MN: School district employees falls for phishing attack; W-2 forms of 677 employees now compromised
David Colburn reports: REGIONAL- ISD 2142 fell prey to a common online phishing scheme on Feb. 4 when a scammer posing as Superintendent Reggie Engebritson used a fraudulent email to obtain the W-2 forms of 677 district employees. Engebritson sent a letter to staff the same day, informing them of the data breach. Read more…
San Jose Man Pleads Guilty to Computer Hack that Shut Down Opening Day Concession Sales at San Jose Earthquakes Stadium
SAN JOSE – Salvatore A. La Rosa pleaded guilty today in federal court in San Jose to intentional damage to a protected computer, announced United States Attorney David L. Anderson and Federal Bureau of Investigation Special Agent in Charge Craig D. Fair. La Rosa, 41, of San Jose, admitted in his guilty plea to intentionally…
First it was Blackbaud, now it’s Sodinokibi — Southern Arkansas University becomes a breach victim again
Marco De Felice reports: After being VICTIM OF THE BLACKBAUD DATA BREACH in May of last year, Southern Arkansas University is now facing a new data theft by the Sodinokibi (REvil) ransomware group. A few minutes ago, the Sodinokibi Ransomware group published a series of screenshots on its website regarding some data exfiltrated during the cyber attack against the…
NYS Department of Financial Services Announces Cybersecurity Fraud Alert
Cyber Criminals Targeting Websites to Steal Private Consumer Information and Use for Benefits Fraud Regulated Entities Are Advised to Review Security Controls for Public-Facing Websites The New York State Department of Financial Services (“DFS”) today issued a cybersecurity fraud alert (“Alert”) to all of its regulated entities. The Alert describes a widespread cybercrime campaign to steal consumers’ nonpublic information (“NPI”) from…
Jones Day disputes claimed breach; points to hacked vendor; hacker points back to them (UPDATE2)
Although Jones Day failed to respond to multiple inquiries sent to it by this site about a ransomware attack claimed by CLOP threat actors*, the giant law firm apparently responded to inquiries by the Wall Street Journal. Their statement, however, omits important information and has been disputed by the threat actors. WSJ reports, in part:…