SC Media reports: Oregon-based third-party retirement plan administrator Carruth Compliance Consulting had information from more than 40,000 public school teachers and employees in California, Illinois, New York, Oregon, and Pennsylvania exfiltrated following a December attack by the newly emergent Skira Team hacking group, which purported the theft of data from 36 public schools across the…
White House cyber director’s office set for more power under Trump, experts say
Suzanne Smalley reports: The Office of the National Cyber Director (ONCD) is poised to become a stronger force in the second Trump administration and will finally operate as the executive branch cybersecurity policy lead that Congress envisioned when establishing it in 2021, experts say. President Donald Trump’s selection of Sean Cairncross to lead the office signals that…
Hackers expose information for 700,000 current and former Chicago students, district says
Mila Koumpilova reports an update to the Clop attack on entities using the Cleo file transfer software. In a ransomware attack last year, Russian hackers stole private information for more than 700,000 current and former Chicago Public Schools students and put it on the dark web, district officials said Friday. According to the district, the…
Texas Man Convicted of Sabotaging his Employer’s Computer Systems and Deleting Data
There’s an update to an indictment announced by the DOJ in April 2021. In today’s reminder of the insider threat, DOJ announced: A federal jury in Cleveland convicted a Texas man today for writing and deploying malicious code on his former employer’s network. According to court documents and evidence presented at trial, Davis Lu, 55,…
Taipei’s Mackay Memorial Hospital patient information allegedly sold online
Michael Nakhiengchanh reports: Taipei’s Mackay Memorial Hospital apologized Thursday to the public for an information leak caused by a cyberattack earlier this month. On Feb. 9, the hospital was hit by ransomware called “Crazy Hunter,” causing over 500 computers to crash and reportedly up to 32.5 GB of information stolen, per CNA. The leaked data allegedly includes personal…
Bogus ‘BianLian’ Gang Sends Snail-Mail Extortion Letters
Elizabeth Montalbano reports: Someone claiming to represent the BianLian ransomware group is sending top executives from various organizations snail-mail extortion letters informing them that their IT network has been compromised and threatening to delete or leak sensitive company data. Sending physical letters through the mail system is an unusual move for a cybercriminal group, which typically sends…