In an August 30th press release, posted previously on DataBreaches.net, chocolatier Russell Stover disclosed that point-of-sale (POS) terminals in their retail stores appeared to have been compromised by malware. Online customers were reportedly not at risk, but based on its investigation up until that date, they believed that the attacker may have been able to…
Hackers target Wakulla Schools, shut down district-wide emails in ransomware attack
James Call reports that the Wakulla County School District has been hit with ransomware. The attack was announced by the district this morning although officials report that the attack began last week. “After discovering the attack, we immediately launched an investigation with the assistance of a leading forensic firm, and we have been working diligently…
Souderton Area School District Contending With Ransomware Cyberattack
ABC reports: The Souderton Area School District has become the most recent apparent victim of a ransomware cyberattack that struck soon after the beginning of the new school year. Superintendent Dr. Frank Gallagher says that the district’s computer network was hit by the malware attack on September 1, after students had returned to class the…
Scraping A Public Website Doesn’t Violate the CFAA, Ninth Circuit (Mostly) Holds
Orin Kerr writes: The Ninth Circuit Court of Appeals has handed down a groundbreaking decision today on the federal computer hacking law, the Computer Fraud and Abuse Act (CFAA). In HiQ Labs v. LinkedIn, the court held that scraping a public website is likely not a CFAA violation. Under the new decision, violating the CFAA…
Secret Service Investigates Breach at U.S. Govt IT Contractor
Brian Krebs reports: The U.S. Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned. The contractor claims the access being auctioned off was to old test systems that do not have direct connections…
DoD Releases Public Draft of Cybersecurity Maturity Model Certification and Seeks Industry Input
Susan B. Cassidy, Samantha Clark, Ryan Burnette and Ian Brekke of Covington & Burling write: On September 4, the Office of the Assistant Secretary of Defense for Acquisition released Version 0.4 of its draft Cybersecurity Maturity Model Certification (CMMC) for public comment. The CMMC was created in response to growing concerns by Congress and within…