Well, this is a bit different. Did Fauquier County Public Schools in Virginia contribute to its own attack by noting employees could use free online SMS MFA websites for folks who don’t want to use a personal phone number for 2FA/MFA? It’s something to think about. h/t, Brett Callow Update of October 20: Fauquier County…
Category: U.S.
Mount Graham Regional Medical Center announces “cybersecurity incident”
David Bell reports: In a press release issued Friday, Mt. Graham Regional Medical Center announced it is dealing with a “cybersecurity incident.” The release states the attack affected the hospital’s communication and information systems, and officials are working with law enforcement and other system experts to determine the extent of the hack, including if patient…
And yet more victims in the U.S. medical sector
Earlier today, DataBreaches provided a small update on U.S. medical entities recently attacked or leaked by AlphV (BlackCat). Other groups also continue to attack health care entities. Here are a few: Monti added Cascade Family Dental to their leak site on October 1 with a note: About 130 Gb was downloaded. At 12 October whole…
AlphV starts to leak MNGI Digestive Health
On September 25, DataBreaches reported that AlphV had claimed to have attacked MNGI Digestive Health. MNGI never responded to this site’s inquiries at that time or since then. On September 29, AlphV announced “TIME IS UP” and leaked more than 800 GB of what they claim is 2+ TB of data they acquired, adding: Let…
HC3: Sector Alert Progress Software WS_FTP Critical Vulnerabilities
Progress Software WS_FTP Critical Vulnerabilities Executive Summary Progress Software, the maker of the MOVEit file transfer software which was widely exploited by the CL0P ransomware-as-a-service (Raas) group, has released a new advisory regarding multiple vulnerabilities in the WS_FTP Server, a file transfer product. Two of the vulnerabilities were rated as critical and are being tracked…
Consumers’ Data Breach Suit Against T-Mobile Sent to Arbitrator
Christopher Brown reports: Two customers’ allegations that T-Mobile failed to protect their personal information in a data breach and exposed information allowing their Coinbase cryptocurrency account to be hacked will be heard by an arbitrator. The arbitration agreement between T-Mobile and plaintiffs Jorge and Marcos Rodriguez clearly delegated threshold questions of arbitrability to the arbitrator,…