Brittany Toolis reports: As if battling cancer isn’t hard enough, now patients at UW’s Fred Hutchinson Cancer Center are being extorted. Last month, the Cancer Center experienced a data breach, exposing data for an unknown number of patients. Some of those patients are getting emails threatening to leak their personal information if they don’t pay…
Category: U.S.
Hinsdale schools struck by ransomware attack (1)
The Brattleboro Reformer reports: The Hinsdale school district is attempting to recover from a ransomware attack that occurred on Thursday morning. “School district officials are working with Primex, its cyber insurance provider, and a professional cybersecurity response team to assess the situation,” states information release by SAU 29 Superintendent David Ryan. Read more. Update December…
The Untold Story of a Massive Hack at HHS in Covid’s Early Days
Jordan Robertson and Riley Griffin report: On March 15, 2020, just days after the US declared a national emergency because of the Covid-19 pandemic, the computer network for the US Department of Health and Human Services briefly vanished from the internet. In public remarks the following day, HHS Secretary Alex Azar attributed the 10-minute outage to a cyberattack but…
Records reveal new information about Sweetwater Union High School District ransomware incident
Melissa Mecija reports: New records reveal how widespread a data breach was at the Sweetwater Union High School District. Information given to ABC 10News through a request from the California Public Records Act shows more than 22,000 people were affected by the breach, and the district paid a ransom to the alleged hackers. It was…
Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers
The Hacker News reports: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a high-severity Adobe ColdFusion vulnerability by unidentified threat actors to gain initial access to government servers. “The vulnerability in ColdFusion (CVE-2023-26360) presents as an improper access control issue and exploitation of this CVE can result in arbitrary code execution,” CISA said,…
CBIZ KA Notice of Data Privacy Incident (Prime Healthcare)
CBIZ KA, a third-party vendor for Prime Healthcare (Prime), discovered a security incident involving CBIZ’s use of MOVEit Transfer software, which has recently reported a security vulnerability. Prime takes the responsibility of safeguarding your information very seriously, and while Prime systems were not involved in the incident, CBIZ KA uses MOVEit Transfer to securely transfer…