On March 8, Kari Lucin at The Globe reported that District 518 in Minnesota had confirmed a data breach involving an employee’s email account, but didn’t anticipate a big problem. Yesterday, Lucin followed up with the district’s confirmation that no personal information or data had been taken or used in the February incident. An investigation…
Ph: NBI raids house of ex-Smartmatic employee tagged in ‘data breach’
There is yet another update in the investigation into a security breach involving the Philippine Commission on Elections (Comelec) vendor Smartmatic. As of April 1, Smartmatic had acknowledged a data leak, but said it had dealt with the problem and fired the employee involved. Now we learn that the National Bureau of Investigation (NBI) has…
LockBit ransomware gang lurked in a U.S. gov network for months
Bill Toulas reports: A regional U.S. government agency compromised with LockBit ransomware had the threat actor in its network for at least five months before the payload was deployed, security researchers found. Logs retrieved from the compromised machines showed that two threat groups had compromised them and were engaged in reconnaissance and remote access operations….
Montgomery County and Florida Women Convicted of Hacking One’s Former Employer and Attempting to Extort Them
PHILADELPHIA – United States Attorney Jennifer Arbittier Williams announced that Frances Marie Eddings, 68, of Orlando, FL, and Jude Denis, 54, of Wyncote, PA, were convicted after trial in the Allentown Federal Courthouse of accessing a computer system without authorization for pecuniary gain from a non-profit charity organization. In September 2019, the defendants were charged…
RaidForums seized in Operation TOURNIQUET; forum’s administrator and two accomplices arrested
From Europol, today: The illegal marketplace ‘RaidForums’ has been shut down and its infrastructure seized as a result of Operation TOURNIQUET, a complex law enforcement effort coordinated by Europol to support independent investigations of the United States, United Kingdom, Sweden, Portugal, and Romania. The forum’s administrator and two of his accomplices have…
Singapore to license pentesters and managed infosec operators
Laura Dobberstein reports: Cybersecurity service providers must for licenses to operate in Singapore, under new regulations launched by the country’s Cyber Security Agency (CSA) on Monday. The new licensing framework requires vendors that offer penetration testing, and/or managed security operations centers (SOC) to get a licenses, in recognition that they access customers’ systems and therefore pose a…