Accounting firm Perkins & Co. in Portland Oregon has submitted a notification to the Vermont Attorney General’s Office about a breach that goes back to 2020 — the Netgain ransomware incident that impacted numerous clients and individuals. According to Perkins’ notification, Netgain first notified them of the breach in December 2020. So why did it…
Workers overpaid during cyberattack told they have to pay employers back
Jason Stoongenke reports: Workers across the country are finding out they owe their employers money after hackers attacked a company that handles timesheets. The service was out for several weeks. In December, Kronos, which handles timesheets for many major companies, experienced a ransomware attack, causing its systems to be down for about seven weeks. Read…
Costa Rica’s public health agency hit by Hive ransomware
Sergiu Gatlan reports: All computer systems on the network of Costa Rica’s public health service (known as Costa Rican Social Security Fund or CCCS) are now offline following a Hive ransomware attack that hit them this morning. Hive, a Ransomware-as-a-Service (RaaS) operation active since at least June 2021, has been behind attacks on over 30 organizations, counting only the victims…
School Board hacked after emails of contractors compromised
Emily Burleigh reports: The Calcasieu Parish School Board has been the victim of a cyber fraud incident. “Because we at the Calcasieu Parish School Board believe in full honesty and transparency, we want to make stakeholders aware of a cyber fraud incident involving our district,” CPSB spokesperson Holly Holland said in a statement to the American…
AU: NDIS case management system provider breached
Justin Hendry reports: A security breach of a cloud-based client management system used by National Disability Insurance Scheme (NDIS) service providers has exposed a “large volume” of health and other sensitive data. CTARS, a Sydney-based software and analytics provider for the disability and care sectors, this week revealed an unauthorised third-party had gained access to…
Data breach at Australian pension provider Spirit Super impacts 50k victims following phishing attack
Jessica Haworth reports: A phishing attack at Australian pension provider Spirit Super has resulted in “some personal details being compromised”. The ‘super fund’ confirmed that user data was breached on May 19, 2022 after an employee’s email account was accessed. An investigation into the incident found that there was “unauthorized access to a mailbox containing personal data”…