ChildFund in New Zealand has issued a public notice about a data breach involving a telemarketing company, Pareto Phone Limited. ChildFund had contracted with Pareto in 2014 to conduct fundraising activity on its behalf. ChildFund does not say when it may have stopped working Pareto, but Pareto suffered a cyberattack in April of this year…
British charities warn supporters their personal data has been breached
Graham Cluley writes: UK charities including Shelter, the RSPCA, the Dogs Trust, Battersea Dogs and Cats Home, and Friends of the Earth have warned their supporters that hackers have stolen their data following a breach at a supplier. The charities themselves haven’t been hacked. The problem instead lies with third-parties working with the charities to…
Chinese hackers stole 60,000 emails from US State Department in Microsoft hack, Senate staffer says
Raphael Satter reports: Chinese hackers who subverted Microsoft’s email platform earlier this year managed to steal tens of thousands of emails from U.S. State Department accounts, a Senate staffer told Reuters on Wednesday. The staffer, who attended a briefing of State Department IT officials earlier Wednesday, said the officials told lawmakers that 60,000 emails were…
Baruch College closed for the remainder of the week amid malware attack
Suporna Das reports: Baruch College extended remote learning through Sept. 29 after announcing on Sept. 27 that the network outages across the campus were due to a malware attack. […] Baruch Computing and Technology Center and other departments have restored some of Baruch’s network, including the website and Baruch’s email. It did not state if…
Healthcare Organizations Experience 279% Increase in Business Email Compromise in 2023
Mike Britton writes about data collected by Abnormal Security: According to Abnormal data, the healthcare industry is experiencing a 167% increase in advanced email attacks in 2023, which includes BEC, credential phishing, malware, and extortion. While the year isn’t over yet, this signals the need for more sophisticated security to protect patients, employees, and the organizations…
‘Snatch’ Ransom Group Exposes Visitor IP Addresses
Brian Krebs reports: The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into…