Krystal Kuykendall reports: The Royal Ransomware is claiming to have infiltrated public school management and virtual learning provider Edison Learning, posting on its dark web data leak site on Wednesday, April 26, that it had stolen 20GB of the company’s data “including personal information of employees and students” and threatening to post the data “early next…
Bits ‘n Pieces (Trozos y Piezas)
CL: Saville Row attacked by BlackCat Saville Row, a Chilean clothing store, was added to BlackCat’s leak site on April 21. Sample files provided by the threat actors included internal Saville Row documents such as invoices and purchase orders. DataBreaches found no notice of any incident on the store’s website or social networks. They did…
Key U.S. Marshals computers still down 10 weeks after breach
Devlin Barrett reports: A key law enforcement computer network has been down for 10 weeks, the victim of a ransomware attack that has frustrated efforts by senior officials to get the system back up and running — raising concerns about how to secure critical crime-fighting operations. While the initial breach of a computer system within…
Nashua School District hit by ‘sophisticated’ cyberattack; classes to go on as scheduled Monday
Jessica Kisluk reports: The Nashua School District said classes will go on as scheduled Monday after it was hit by a “sophisticated” cyberattack Sunday. The district said it is working with a third-party investigator to determine the nature and scope of the attack. “We are working diligently to investigate the incident, confirm its impact on…
HC3: Sector Alert Report: New Data Breaches from Cl0p and Lockbit Ransomware Groups
April 28, 2023 New Data Breaches from Cl0p and Lockbit Ransomware Groups Executive Summary Ransomware-as-a-service (RaaS) groups Cl0p and Lockbit recently conducted several distinct attacks, exploiting three known vulnerabilities (CVE-2023-27351, CVE-2023-27350, and CVE-2023-0669). The Cybersecurity and Infrastructure Security Agency (CISA) added the latter two vulnerabilities to its Known Exploited Vulnerabilities Catalog but has not yet…
U. of Iowa Health Care denies sharing patient data with Facebook, but are they right?
DataBreaches never accused U. of Iowa Health Care of sharing patient data with Facebook, but it seems that someone did. Clark Kaufmann reports: The University of Iowa Hospitals & Clinics is denying that it shares any confidential patient information with Facebook. Last week, lawyers for an Iowa woman, Eileen Yeisley, filed suit against UIHC in…