In March, DataBreaches reported that North Orange County Community College District in California had been notifying more than 19,000 people about a data security incident. This week, NOCCCD submitted a notification to the California Attorney Genera’s Office, but it does not appear to be an update as much as a delayed notification to the state….
Cyberattack against Regina Public Schools likely ransomware
Alexander Quon reports: New information has emerged about the recent cyberattack that targeted Regina Public Schools, forcing it to shut down all internet-based systems such as email and other education tools. CBC News has reviewed a copy of a note that has appeared on computers that were part of the school district’s network. The note says it…
Jailed Israeli private detective hired Indian hackers in job for Russian oligarchs: Court filing
TheWeek reports: An Israeli private investigator, currently awaiting his sentence in the US, used Indian hackers to conduct surveillance operations for ultra-wealthy Russians, according to a Reuters report. Reuters reported last year that Israeli private detective Aviram Azari was accused of hiring the Indian hacking firm BellTroX on behalf of powerful clients. Independent journalist Scott…
GitHub: Nearly 100,000 NPM Users’ credentials stolen in the April OAuth token attack
Pierluigi Paganini reports: GitHub provided additional details about the incident that suffered in April, the attackers were able to steal nearly 100K NPM users’ credentials. In April, GitHub uncovered threat actors using stolen OAuth user tokens to gain access to their repositories and download private data from several organizations. […] The threat actors allegedly obtained the…
IL: Cyberattack costs City of Quincy $650,000
J. Robert Gough reports: Quincy Mayor Mike Troup said the city has spent about $150,000 on outside consultants and $500,000 for an encryption key to regain access to the city’s information services systems. In other words, $500,000 in ransomware. In a news conference Tuesday morning, Troup gave a timeline of events that have taken place…
Data breach class actions: Southern District of New York dismisses action against health care providers for lack of standing
James Bogan III of Kilpatrick Townsend & Stockton LLP writes: Takeaway: In a prior article, we reported on the Second Circuit’s decision in McMorris v. Carlos Lopez & Associates, LLC, 995 F.3d 295 (2d Cir. 2021), in which the court, ruling on an issue of first impression, set out a non-exhaustive three-factor test for determining…