Britton White writes: After a university was recently hit with Ransomware, I decided to research the university’s domain name searching for any users who might have been hit with Redline Infostealer/Malware. To no surprise, I found many students had unknowingly had their saved browser credentials scraped (stolen/exfiltrated). It didn’t take long to find a student…
Conti’s Ransomware Toll on the Healthcare Industry
Brian Krebs reports: Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But new information confirms this pledge was always a lie, and that Conti has launched more than 200 attacks against hospitals and other…
TX: Dayton Independent School District reports breach
No significant details on this one yet, but Dayton Independent School District in Texas notified the Texas Attorney General’s Office that 841 Texans were notified by mail on April 14 of a data breach that involved names and Social Security Numbers. DataBreaches.net has emailed the district to ask for details and will update this post…
GitHub: Attacker breached dozens of orgs using stolen OAuth tokens
Sergiu Gatlan reports: GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories. Since this campaign was first spotted on April 12, 2022, the threat actor has already accessed and stolen data from dozens of victim organizations using Heroku and Travis-CI-maintained OAuth apps, including…
Blue Earth County releases report on insider data breach that began in 2020
It seems like only yesterday that we were pointing to an insider-wrongdoing breach that involved people’s medical information. Oh right, it was. And here’s yet another one. Aaron Stuve reports: Blue Earth County has released information regarding a data breach from last year. The report said that an employee of the Human Services Department accessed…
DHS investigators say they foiled cyberattack on undersea internet cable in Hawaii
Meanwhile, last week, AJ Vicens reported: Federal agents in Honolulu last week “disrupted” an apparent cyberattack on an unnamed telecommunication company’s servers associated with an underwater cable responsible for internet, cable service and cell connections in Hawaii and the region, the agency said in a statement Tuesday. Hawaii-based agents with Homeland Security Investigations, an arm…