Whitefish School District in Montana recently reported a data breach they discovered on March 11. An investigation discovered that an employee’s computer had been accessible to an attacker because the employee had fallen for a social engineering scam. As a result, a system containing personal information was open and accessible to the attacker. That system…
Lapsus$, Okta and the Health Sector
A whitepaper from the HHS Cybersecurity Program. April 7, 2022 Available online at https://www.hhs.gov/sites/default/files/lapsus-okta-health-sector-tlpwhite.pdf (26 pp, pdf)
Details on the Weatherford ISD data breach
DataBreaches.net has received the following statement from Charlotte LaGrone, Executive Director of Communications for Weatherford ISD, concerning the breach DataBreaches.net reported yesterday: Weatherford ISD Statement on Data Breach The confidentiality, privacy, and security of information in our care is one of our highest priorities. Despite multiple layers of processes and procedures to prevent a data…
East Tennessee Children’s Hospital updates information on ransomware incident
On March 15, this site noted that the East Tennessee Children’s Hospital had posted a notice about an IT security incident. At the time, they did not identify the incident as a ransomware incident. DataBreaches.net subsequently found some explanation for that notice — a listing on a Russian-language forum offering data from ETCH with numerous…
Microsoft on disrupting cyberattacks targeting Ukraine; Facebook on countering Ghostwriter’s attempts
Tom Burt , the Corporate Vice President, Customer Security & Trust at Microsoft writes: Today, we’re sharing more about cyberattacks we’ve seen from a Russian nation-state actor targeting Ukraine and steps we’ve taken to disrupt it. We recently observed attacks targeting Ukrainian entities from Strontium, a Russian GRU-connected actor we have tracked for years. This…
Five ransomware groups, five victims… will it ever ease up?
The following is a snapshot of recent attacks on U.S. healthcare entities by ransomware teams. #1 First Choice Community Healthcare – Hive Hive threat actors have never sworn off attacking the healthcare sector. In addition to claiming that they attacked the Partnership HealthPlan of California on March 19 (an attack that has impacted PHPC’s functioning),…