WCCO reports: On Monday, Star Tribune subscribers were notified of a possible security breach in its website log-in database. The paper says it only stored usernames and passwords there. Read more on CBS Minnesota. This is in response to claims by ShinyHunters, who have listed what they claim is data from 1 million subscribers for…
Category: U.S.
Oil and gas hackers chase bigger pandemic paydays
Christian Vasquez reports: Hackers have leaked hundreds of computer files allegedly stolen from a Houston-based oil and natural gas producer — the latest in a series of ransomware attacks that put a new twist on an old extortion playbook. The hackers behind the “Nefilim” malware say they have stolen over 800 gigabytes of personnel and…
Diabetes Device Supplier Solara Medical Faces Refined Claims in Data Breach Suit
Andrea Vittorio reports: A diabetes device supplier hit by a data breach in mid-2019 is facing refined fraud claims in a potential class action in California after a court took issue with the basis of some original claims. Fraud claims in the lawsuit against Solara Medical Supplies LLC, one of the largest direct-to-consumer suppliers of…
Mass consumer arbitration is on! Ed tech company hit with 15,000 data breach claims
Alison Frankel reports: A small Baltimore law firm has filed 15,107 demands for arbitration at the American Arbitration Association on behalf of consumers who allege they were affected by a 2018 data breach at the education technology company Chegg. The arbitration demands follow an April 27 ruling from U.S. District Judge Richard Bennett of Baltimore that customers must arbitrate their claims…
Magellan Health notifies employees whose personal data were exfiltrated in a ransomware attack
Magellan Health is notifying an undisclosed number of employees who information may have been exfiltrated in a ransomware attack. The attack began with a phishing attack on April 6 that impersonated a Magellan client. On April 11, Magellan discovered the breach, and called in Mandiant to investigate. Their investigation revealed that the attackers had exfiltrated…
Aeries Student Information System discloses breach (with updates)
Aeries Software recently announced a data breach. I didn’t see it, but a reader kindly stuck it under my cybernose today so that I could share it with you. The software firm’s notice of April 27 applies to hosted customers of their Aeries Student Information System. From their notice: What Happened? In late November 2019,…