Cassie Buchman reports: Access to Crystal Lake Community High School District 155’s information systems currently is limited after its computers were infected with ransomware sometime Friday. Read more on Northwest Herald (subscription required)
Regis University paid ransom after cyberattack last fall
Noel Brennan reports: Six months after Regis University computers were targeted in a cyberattack, the university hosted a conference to help government agencies, businesses and schools better defend and recover from similar attacks. […] “Regis did pay the ransom to get the systems back up as quickly as we could,” said Jennifer Forker, a spokesperson…
Maze Team updates its site, dumps more victims’ data
The Maze Team attackers continue to announce more of their ransomware victims that have not complied with their ransom demands, and they continue to dump data from those who do not pay them. When I checked their site again today, I noticed that they had announced that they have dumped all their files on the…
Breached Wawa Payment Card Records Reach Dark Web
Both Gemini Advisory and KrebsOnSecurity caught this one quickly. From Gemini Advisory: Joker’s Stash began uploading records as advertised on January 27. The breach was titled “BIGBADABOOM-III” and appeared in four different bases. The records included the state geolocation information, but not the city or ZIP Code as previously announced. The listed geolocation data for…
VillageCareMAX & VillageCare Rehabilitative & Nursing Center Notices of Data Privacy Incident After Business Email Compromise
The following is part of the notice Village Senior Services Corporation d/b/a VillageCareMAX posted on their website. Note that the attacker was apparently requesting names and Medicaid ID numbers, which makes me wonder what the plan for misuse was — insurance fraud, perhaps? VillageCareMAX (“VCMAX”) is providing notice of an incident that may affect the…
The average ransom demand for a REvil ransomware infection is a whopping $260,000
Catalin Cimpanu reports: … in a report published today and shared with ZDNet, the security team at KPN, a Dutch telecommunications provider, said it was able to sinkhole and intercept the communications between REvil-infected computers and the REvil ransomware’s command-and-control (C&C) servers. KPN researchers say this allowed them to obtain unique insights into the operations of the…