Ryan Trowbridge, Sarah Guernelli, and Andrew Masse report that Chicopee Public Schools in Massachusetts was hit with a ransomware attack — specifically, Ryuk ransomware. The attacker(s) have demanded $300,000, but the district says they are not paying it and have been working to deal with the situation since Monday morning. Read more on Western Mass…
Category: U.S.
Veterans Affairs put millions of people at risk of identify theft, audit finds
Eric Yoder reports: The Veterans Affairs Department, while responding to requests for records on veterans’ benefits claims, “put millions of people at risk of identity theft” by not deleting personally identifying information on other people from those records, an audit has found. That information included names and Social Security numbers of people such as other…
Target sues insurer for up to $74 million in 2013 data breach costs
Kavita Kumar reports: Target is suing its longtime insurance company for denying claims to reimburse Target for tens of millions of dollars it has paid out for new payment cards as part of settlements over the retailer’s 2013 data breach. The lawsuit against ACE American Insurance Co., based in Pennsylvania and now part of the…
MO: Saint Francis Healthcare announces ransomware incident involving Ferguson Medical Group; not all records recovered
Updated Nov. 21: This incident has just been posted on HHS’s public breach tool as impacting 107,054 patients. Original Post: Marsha Heller of KAIT 8 reports that Saint Francis Healthcare System announced that Ferguson Medical Group (FMG) in Sikeston, Mo. was hit with a ransomware attack on September 20th. The following is the notice on…
Accidental data breach at Las Cruces Public Schools discloses vendor social security numbers
KVIA reports: Las Cruces Public Schools now confirms it accidentally sent out an email back in September containing the social security numbers of vendors the district uses. That email was sent to about 150 district employees, officials said. Vendors were advised to place a fraud alert on their credit files as a precaution. Those vendors…
Akron man sentenced to six years in prison for launching denial of service attacks that shut down web sites for the city of Akron and the Akron Police Department
From the U.S. Attorney’s Office for the Northern District of Ohio, an update on a previously disclosed prosecution: An Akron man was sentenced to six years in prison for launching denial of service attacks that shut down web sites for the city of Akron and the Akron Police Department. James Robinson, 33, previously pleaded guilty…