The American Payroll Association (“APA”) is notifying people about breach discovered in mid-July. What Happened? The APA experienced a skimming cyberattack in which personal information was accessed by unauthorized individuals. The source of the cyberattack is thought to have been a vulnerability in APA’s content management system, which allowed a “skimmer” to be installed on…
Category: U.S.
Amphastar Pharmaceuticals discovers that threat actors had exfiltrated employee data in May ransomware attack
On July 21, the DoppelPaymer ransomware threat actors added Amphastar Pharmaceuticals to their leak list. They also uploaded a number of files as proof of access and exfiltration. It was because of that listing that Amphastar eventually discovered that employee data had been stolen in a May attack. On August 27, Amphastar sent notification letters…
Rocky Mount hit by ransomware, investigating and trying to recover
Add Rocky Mount, North Carolina to the list of governments hit by ransomware. As of Aug. 28, they didn’t seem to yet know too much, as WITN reported: Rocky Mount leaders are trying to get the city’s network back on track after facing a cyber attack. The city is in the process of confirming what…
CA: Selma Unified hit with ransomware attack
Fox26 News reports: Selma Unified School District says it was hit by hackers. The attack happened overnight locking up some of the systems Friday including the student information system. Read more on Fox26. Note that this is Selma, California, and not Alabama.
Utah Pathology Services notifying more than 110,000 patients of data breach
From Utah Pathology Services, part of the security incident notice: On June 30, 2020, we learned than an unknown third party attempted to redirect funds from Utah Pathology. This suspicious activity did not involve any patient information, or the completion of any financial transactions. Upon discovery of the attempted fraud, Utah Pathology quickly secured the…
Cisco engineer resigns then nukes 16k WebEx accounts, 456 VMs
Sergiu Gatlan reports: A former Cisco employee pleaded guilty to accessing the company’s cloud infrastructure in 2018, five months after resigning, to deploy code that led to the shut down of more than 16,000 WebEx Teams accounts and the deletion of 456 virtual machines. According to a plea agreement filed on July 30, 2020, 30-year-old…