IC3.gov PIN 20220914-001 14 September 2022 TLP: WHITE Summary The FBI has received multiple reports of cyber criminals increasingly targeting healthcare payment processors to redirect victim payments. In each of these reports, unknown cyber criminals used employees’ publicly-available Personally Identifiable Information (PII) and social engineering techniques to impersonate victims and obtain access to files, healthcare…
Watchdog calls for mandatory data breach notification laws in Victoria
Joseph Brookes reports: Victoria’s privacy watchdog has called for data breach notification laws in the state after a government department failed to tell people their data had been exposed in a serious breach by a man convicted of sexually assaulting a child. The former case worker, Alexander Jones, is currently serving a six-year prison sentence for…
OIG Warns USCIS Over Unauthorized Access to Systems and Information
Kylie Bielby reports: The Office of Inspector General (OIG) says U.S. Citizenship and Immigration Services (USCIS) did not apply the access controls needed to restrict unnecessary access to its systems, networks, and information. Access controls help to limit individuals from gaining inappropriate access to systems or data. But an OIG audit has found that USCIS…
Kansas school district pulls messaging app after data breach
KWCH reports: Andover Public Schools said it has pulled the popular messaging app, Seesaw after the app was hacked. According to the Seesaw website, the app is used by 10 million teachers, students and family members, but the company declined to say how many users were affected by the hack. In a letter to parents,…
Breach of software maker used to backdoor ecommerce servers
Dan Goodin reports: FishPig, a UK-based maker of e-commerce software used by as many as 200,000 websites, is urging customers to reinstall or update all existing program extensions after discovering a security breach of its distribution server that allowed criminals to surreptitiously backdoor customer systems. The unknown threat actors used their control of FishPig’s systems…
Tax fraud ring leader jailed for selling children’s stolen identities
Sergiu Gatlan reports: The owner of a fraudulent tax preparation business, Ariel Jimenez, was sentenced to 12 years in prison for selling the stolen identities of thousands of children on welfare and helping “customers” to falsely claim tax credits, causing tens of millions of dollars in tax loss. His “customers” used the stolen identity info…