Lawrence Abrams reports: Cybercriminals are exploiting a trick to turn off Apple iMessage’s built-in phishing protection for a text and trick users into re-enabling disabled phishing links. With so much of our daily activities done from our mobile devices, whether paying bills, shopping, or communicating with friends and colleagues, threat actors increasingly conduct smishing (SMS phishing)…
Former Disney Employee Admits to Hacking Menu System to Change Allergy Information
Lucas Ropek reports: A former Disney employee who was fired for misconduct has admitted to hacking into the company’s menu creation software to alter key details, including food allergy information that could have been dangerous to customers at the resort’s restaurants. A complaint brought by the Justice Department last year claimed that a man named…
RIBridges has many lines of defense. How was the system breached?
This article by Alexander Castro originally appeared in Rhode Island Current on January 10, 2025 and is republished here under Creative Commons License. It was updated to replace several paragraphs in the “Slow Leak” section to include a response Deloitte sent the author post-publication. Rhode Island’s online public benefits system appears to be a fortress…
Nine months after discovering a ransomware attack, Teton Orthopaedics notifies patients
On March 25, DataBreaches entered Teton Orthopaedics’ name on a monthly worksheet this site uses for tracking breaches in the healthcare sector. The entry wasn’t based on any report by Teton Orthopaedics or media, and DataBreaches had been unable to find any notice by the provider. The entry was based on a claim by the…
PowerSchool Sued Over December Breach of Student, Teacher Data
Christopher Brown reports: PowerSchool Holdings Inc. is facing three federal lawsuits alleging the education software provider negligently failed to protect the personal information of students, parents, and teachers that was exposed in a December data breach. Sheilah Buack-Shelton, Tyler Baker, and Kimberly Kinney alleged in separate complaints that PowerSchool breached its duties under common law,…
PowerSchool Incident: A few resources for teachers, parents, and former students (2)
DataBreaches is trying to keep up with updates from PowerSchool, but from the outset, DataBreaches has recommended districts, parents, and teachers assume the worst — i.e., assume that all of the data really weren’t deleted permanently. On the premise of better safe than sorry, and reminding people that PowerSchool’s attorney is not YOUR attorney, here…