Yasmin Rufo reports: The British Library has confirmed that a cyber attack in October has led to a leak of employee data. The attack, which took place on 31 October, has also resulted in the library’s website being down for almost a month. The Rhysida ransomware group claim to be behind the attack, and say…
Illuminate Education Defeats Data Breach Lawsuit for Second Time
Christopher Brown reports: Illuminate Education Inc. defeated for the second time a proposed class action alleging it failed to protect the personal information of more than 3 million elementary and high school students, which was exposed in a December 2021 data breach. The plaintiffs failed to show that they had suffered concrete harm from the breach…
A cyberattack on a U.K. accounting firm wound up leaking U.S. patient data. Now what?
DataBreaches would have passed over a listing on LockBit3.0’s site if Brett Callow hadn’t kindly called our attention to it. The listing by the threat actors was for HSKS Greenhalgh Chartered Accountants and Business Advisors, and LockBit claimed to have exfiltrated 168 GB of files with: Employees (NIN numbers, passport scans, ID scans, Employee forms…
Logs missing in 42% cyberattacks; small business most vulnerable: Report
Vasudha Mukherjee reports: Telemetry logs, which hold collection, transmission, and measurement of data, were found missing in 42 per cent of analysed cyberattacks, according to Sophos’ Active Adversary Report. Titled ‘The Active Adversary Report for Security Practitioners’, the report delves into incident response (IR) cases scrutinised by global cybersecurity firm Sophos. The report provides insights…
FCC adopts new rules to protect consumers from SIM-swapping attacks
Sergiu Gatlan reports: The Federal Communications Commission (FCC) has revealed new rules to shield consumers from criminals who hijack their phone numbers in SIM swapping attacks and port-out fraud. FCC’s Privacy and Data Protection Task Force introduced the new regulations in July. They are geared toward thwarting scammers who seek to access personal data and information…
K-12 schools improve protection against online attacks, but many are vulnerable to ransomware gangs
Alanna Durkin Richer repeorts: Some K-12 public schools are racing to improve protection against the threat of online attacks, but lax cybersecurity means thousands of others are vulnerable to ransomware gangs that can steal confidential data and disrupt operations. Since a White House conference in August on ransomware threats, dozens of school districts have signed up for free…