No significant details on this one yet, but Dayton Independent School District in Texas notified the Texas Attorney General’s Office that 841 Texans were notified by mail on April 14 of a data breach that involved names and Social Security Numbers. DataBreaches.net has emailed the district to ask for details and will update this post…
GitHub: Attacker breached dozens of orgs using stolen OAuth tokens
Sergiu Gatlan reports: GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories. Since this campaign was first spotted on April 12, 2022, the threat actor has already accessed and stolen data from dozens of victim organizations using Heroku and Travis-CI-maintained OAuth apps, including…
Blue Earth County releases report on insider data breach that began in 2020
It seems like only yesterday that we were pointing to an insider-wrongdoing breach that involved people’s medical information. Oh right, it was. And here’s yet another one. Aaron Stuve reports: Blue Earth County has released information regarding a data breach from last year. The report said that an employee of the Human Services Department accessed…
DHS investigators say they foiled cyberattack on undersea internet cable in Hawaii
Meanwhile, last week, AJ Vicens reported: Federal agents in Honolulu last week “disrupted” an apparent cyberattack on an unnamed telecommunication company’s servers associated with an underwater cable responsible for internet, cable service and cell connections in Hawaii and the region, the agency said in a statement Tuesday. Hawaii-based agents with Homeland Security Investigations, an arm…
Law firm says Deaconess doc viewed women’s personal, medical data without cause
John T. Martin reports on a disturbing case of insider-wrongdoing: A law firm says it has spoken with at least six women who received an apology letter in recent months from Deaconess Health System stating a physician accessed their medical records without purpose. The firm, Ladendorf Law of Indianapolis, may pursue claims on behalf of those women,…
Cyberbreach at Rideau Hall was ‘sophisticated’ intrusion, internal documents reveal
Jim Bronskill reports: Newly disclosed documents reveal the breach of an internal computer network at Rideau Hall was described to senior government officials as a “sophisticated cyber incident” in the days before the public was told of the security lapse. Internal government emails, obtained by The Canadian Press through the Access to Information Act, also…