For your reminder of the insider threat for this week, Tolly Taylor reports: A Maryland pharmacist is accused of installing spyware on 400 computers over eight years to watch women at the hospital or in their homes, a lawsuit alleges. Six women filed a civil lawsuit on Thursday against the University of Maryland Medical System,…
Could Trump Budget Cuts Lead to More Cyberattacks Against Schools?
Arianna Prothero and Lauraine Langreo report: Schools stand to lose vital cybersecurity support from the federal government as the Trump administration takes dramatic steps to shrink its size, and the Education Department suspends a major cybersecurity support initiative. […] Education Week has confirmed that the U.S. Department of Education, at the behest of Homeland Security,…
16 months after they experienced a ransomware attack, Dameron Hospital notifies those affected
In 2017, Dameron Hospital in Texas reported a breach to the California Attorney General’s Office. No copy of its breach notification was uploaded to California’s breach site, and Dameron did not respond to this site’s email asking for details of the breach. The incident never appeared on HHS’s public breach tool, so we never found…
Hackers strike Australia’s largest pension funds in coordinated attacks
Christine Chen reports: Hackers targeting Australia’s major pension funds in a series of coordinated attacks have stolen savings from some members at the biggest fund, according to a source with knowledge of the matter, and compromised more than 20,000 accounts. National Cyber Security Coordinator Michelle McGuinness said in a statement she was aware of “cyber…
Hacking Verizon Call Records: A Security Breach with National Security Implications
Kirsten Doyle reports: Security researcher Evan Connelly recently identified a security vulnerability in the Verizon Call Filter iOS app which made it possible for a malicious actor to leak call history logs of Verizon Wireless customers. Call logs can be highly valuable, particularly for nation-states, as they enable intelligence agencies to map social networks, track high-value targets, figure…
Sensitive data was leaked in 2024 Highline Public Schools ransomware attack
Caitlyn Freeman reports: Personal information including Social Security numbers was compromised during the ransomware attack that hit Highline Public Schools in September, officials announced Wednesday. School officials noticed malicious activity on its servers Sept. 7. The district closed schools for two days after the attack, which was later labeled a ransomware attack. After a nearly five-month investigation, officials…