The FTC announced a settlement in a data security enforcement action against InfoTrax Systems, L.C. and its former CEO, Mark Rawlins. Here is their press release, below, followed by InfoTrax’s comments on the settlement: A Utah-based technology company has agreed to implement a comprehensive data security program to settle Federal Trade Commission allegations that the…
Category: U.S.
IL: Rockford Public Schools release details about ‘ransomware’ attack
WTVO reports: On Wednesday, Rockford Public Schools shared details about a devastating cyber attack the district suffered in September. The district continues to recover from the ransomware attack, a computer-based attack in which hackers install software on a remote computer system that encrypts files so the owners cannot access them without paying a ransom. According…
The University of North Carolina- Chapel Hill School of Medicine Notifying Patients After 2018 Phishing Incident
Some readers may have trouble accessing a notice from the School of Medicine at the University of North Carolina — Chapel Hill due to an issue with Chrome, so I’m embedding the whole notification below. TL;DR version: some employees fell for a phishing attack and their email accounts may have been accessed between May 17,…
TX: PNGISD technology held for ransom
Mary Meaux reports: Port Neches-Groves Independent School District was hit by ransomware, causing the disruption of all technology connections on Tuesday. Assistant superintendent Julie Gauthier provided a statement about the cyber security attack, saying the district is working with local law enforcement and forensic and cyber security specialists to remedy the situation. Read more on…
CT: Starling Physicians Warns Patients of Data Breach
NBC reports: According to an announcement released Tuesday, Starling was the target of a cyber-phishing attack on February 8. When the Connecticut-based healthcare group learned of the breach, they secured the affected email accounts and hired a forensic security firm. On September 12, investigation found that the email accounts affected by the attack contained information…
Retailer Orvis.com Leaked Hundreds of Internal Passwords on Pastebin
Brian Krebs reports: Orvis, a Vermont-based retailer that specializes in high-end fly fishing equipment and other sporting goods, leaked hundreds of internal passwords on Pastebin.com for several weeks last month, exposing credentials the company used to manage everything from firewalls and routers to administrator accounts and database servers, KrebsOnSecurity has learned. Orvis says the exposure was…