Eastern Hancock schools in Indiana were expected to be back up and running today after the district experienced a ransomware attack over the weekend. When the district discovered the attack Monday morning, it shut down the entire network, preventing the attack from spreading. The shutdown also meant the district lost the ability to receive phone…
Ransomware Unmasked: Dispute Reveals Ransomware TTPs
Two of the more well-known Russian-language forums have “arbitration” or “complaint” sections where members can present complaints and evidence against other members involving financial disputes or claims. Those disputes, with evidence provided non-publicly to the moderators/arbitrators, often provide interesting insights into threat actors’ methods or relationships. In the past few weeks, there have been two…
After going up, up, up, will ransom payments in healthcare and education sectors start dropping?
Key points: More than half of ransomware victims reportedly pay ransom, but there is an absence of quality data and reporting that would enable better analyses. As payouts have increased, the number of customers electing to have cyberinsurance coverage (the take-up rate) has increased, although SMBs lag behind mid- to large-sized entities. As payouts have…
One Employee’s Accidental Email Leads To A Significant Data Breach Ruling in Federal Appeals Court
Jeffrey Csercsevits of Fisher Phillips writes: A federal appeals court recently addressed whether employees had standing to bring a lawsuit when their personally identifiable information (PII) was inadvertently circulated to other employees at the company, with no indication of misuse or external disclosure. In McMorris v. Carlos Lopez & Associates, LLC, the 2nd Circuit Court of…
OH: Marietta City Schools Email Hack
Christopher Schmitt reports: The Marietta Police Department is investigating a number of Marietta City School employees’ emails being hacked. It was just released that Marietta Superintendent Will Hampton reached out to the Marietta Police last week. It was reported to the police that a number of employees’ email accounts could have been compromised since 2018….
After Colonial Pipeline Hack, U.S. to Require Operators to Report Cyberattacks
Rebecca Smith reports: The Transportation Security Administration intends to release the first of at least two security directives that would require pipeline operators to notify it when they are targets or victims of cyberattacks, according to senior officials at the Department of Homeland Security. The action, expected this week, also will require each company to…