Catalin Cimpanu reports: The US Federal Bureau of Investigation sent out on Tuesday a security alert to K12 schools about the increase in ransomware attacks during the coronavirus (COVID-19) pandemic, and especially about ransomware gangs that abuse RDP connections to break into school systems. The alert, called a Private Industry Notification, or PIN, tells schools…
Data stolen from Silicon Valley consulting firm offered for sale on hacker forum
Duncan Riley reports: Business consulting firm Frost & Sullivan Inc. has suffered a data breach and data stolen from the firm appeared for sale on a hacker forum. The Mountain View, California-based company has a global presence with 40 offices across six continents. It offers services such as market research, analysis, growth strategy consulting and corporate…
If you needed yet one more example of the risks of PHI in employee email accounts
I’m not sure what it might take to get a real shift in how entities approach security of employee email accounts. Despite known risks of phishing and hacks, a tremendous amount of personally identifiable information (PII) and protected health information (PHI) resides in emails or email attachments in employee accounts. Read the following chronology provided…
Evil Corp deploys new WastedLocker ransomware
Dennis Fisher writes: The Russian attack group responsible for distributing the Dridex malware and BitPaymer ransomware and was the target of sanctions from the Department of Justice last year has reemerged with a new strain of ransomware called WastedLocker and an updated distribution framework to install it on victims’ machines. […] The new variant does…
Twitter says some business users had their private data exposed
Zack Whittaker reports: Flip the “days since the last Twitter security incident” back to zero. Twitter said Tuesday that it has emailed its business customers, such as those who advertise on the site, to warn that their information may have been compromised in a security lapse. Read more on TechCrunch.
N.S. government reveals May privacy breach involved 10,599 unredacted decisions
Yvonne Colbert reports: The Nova Scotia government has now disclosed the number of unredacted decisions posted online in a May privacy breach by the Workers’ Compensation Appeals Tribunal totalled 10,599. The decisions contained highly-sensitive information, including employer names, as well as employee names and their medical and psychiatric information. Until now, the government has said little…