As DataBreaches noted yesterday on infosec.exchange, the Medusa ransomware gang claims to have hit Great Valley School District in Pennsylvania. They provide a filetree showing a lot of Skyward, Canvas, PowerSchool, and other internal files, as well as 20+ screencaps of student info and employee info files to support their claim. They are demanding $600k…
Category: U.S.
MT: Personal information of 900 Butte School District employees compromised in cyberattack
John Emeigh reports: Personal information, including social security numbers, was compromised in a cyberattack on the Butte School District that directly impacted more than 900 school district employees. Butte School Superintendent Judy Jonart said employees have been offered 12 months of free credit monitoring protection. […] School officials first noticed the district’s computer system was…
Hendersonville city employees target of cybersecurity breach
Mitchell Black reports: A Hendersonville cybersecurity incident has put city employees’ data at risk. The incident occurred just before the Thanksgiving break, according to a Nov. 29 statement from City Manager John Connet. Connet said that a “threat actor group” targeted software used to manage city employee data. Hendersonville is working with the North Carolina…
Some city data was stolen during cyber breach; full scope remains unknown, Long Beach says
Jason Ruiz reports: Long Beach officials said Wednesday that some city data was stolen during a cybersecurity breach it detected earlier this month, but, officials said, it could be weeks or months before a clear picture emerges of what exactly was taken. The city said it does not currently know what type of data was taken…
More than 1 million Michiganders affected by Welltok cyberattack
Kristen Jordan Shamus reports: More than 1 million Michiganders were affected by a cybersecurity breach at Welltok Inc., a software company contracted to provide communication services for Corewell Health’s southeastern Michigan properties along with a healthy lifestyle portal for Priority Health, an insurance plan owned by Corewell. For about 2,500 Priority Health members, names, addresses and…
DFS Announces $1 Million Cybersecurity Settlement With First American Title Insurance Company
Press Release of November 28: The New York State Department of Financial Services (DFS) today announced that First American Title Insurance Company (First American) will pay a $1 million penalty to New York State for violations of DFS’s Cybersecurity Regulation (23 NYCRR Part 500) stemming from a large-scale cybersecurity breach in May 2019. The breach…