When CoPilot Provider Support Services recently disclosed a security incident that they had known about since 2015, their statements might have led you to believe that a disgruntled former employee had hacked them or misused previously authorized access, and that law enforcement might be looking into criminal charges. If you thought that, you were wrong on both counts. CoPilot Provider Support Services (“CoPilot”) describes itself…
Category: U.S.
2016 W-2 data up for sale on the dark web (updated)
As regular readers know by now, DataBreaches.net has been compiling reported instances of W-2 phishing scams. As part of that investigation, I decided to take a quick look today at some dark net marketplaces to see if any data were up for sale. Brian Krebs had reported on this issue in January after finding a…
Cleveland Food Bank Loses Personal Data for Dozens of Clients
Kevin Niedermier reports: Cleveland police are still looking for the stolen car that contained personal information on 44 Greater Cleveland Food Bank clients. The car was stolen last month after a food bank worker had collected the written information on assistance applications. Food bank Communications Director Karen Pozna says so far none of the affected clients have…
Bingham County servers locked up by ransomware; hackers demanded $25k – $30k
Stephan Rockefeller reports: Bingham County officials are scrambling to rebuild parts of their computer infrastructure after a ransomware attack took down county servers on Wednesday. Although efforts have been made to correct the problem, computer issues remained as of Friday. “Every department in the county is affected in some way,” Bingham County Commissioner Whitney Manwaring…
Vermont Restaurant Settles Charges by Attorney General’s Office Over Credit Card Fraud
Caroline Strange reports that the Grand Buffet restaurant in Essex Junction, Vermont, has settled charges brought by the VT Attorney General’s Office following an investigation into credit card fraud that affected the restaurant’s customers. If that sounds a bit atypical to you (it did to me), it turns out that the restaurant had known there was…
SC: Lexington Medical Center notifies employees of breach
WISTV reports: The employee database of the Lexington Medical Center is the latest victim of a cyberattack. In a statement released by the hospital, the breach was discovered Friday morning. The breach showed that there has been unauthorized access to the employee information database, called eConnect/Peoplesoft. Medical center officials learned about the breach this week…