Anton Nilsson reports: NSW agencies may have delayed reporting a massive cyber attack to authorities for nearly a month, officials revealed on Monday. The breach of a software known as Accellion in December 2020 affected businesses and agencies worldwide, including Transport for NSW which had sensitive information stolen and posted on the dark web. Cybersecurity NSW…
OH: Hilliard City Schools evaluating protocols after releasing 4,200 names of students in public-information request
A. Kevin Corvo reports: Hilliard City Schools leaders are reviewing protocols related to public-information requests after learning Feb. 27 the district released the identity of students who were subject to disciplinary measures. “This was a mistake (and) we need to be better. … Steps are being taken to ensure that it won’t happen again,” Superintendent David…
Adafruit discloses data leak from ex-employee’s GitHub repo
Ax Sharma reports: Adafruit has disclosed a data leak that occurred due to a publicly-viewable GitHub repository. The company suspects this could have allowed “unauthorized access” to information about certain users on or before 2019. Based in New York City, Adafruit is a producer of open-source hardware components since 2005. The company designs, manufactures, and sells electronics…
Malware now using stolen NVIDIA code signing certificates
Lawrence Abrams reports: Threat actors are using stolen NVIDIA code signing certificates to sign malware to appear trustworthy and allow malicious drivers to be loaded in Windows. […] After Lapsus$ leaked NVIDIA’s code-signing certificates, security researchers quickly found that the certificates were being used to sign malware and other tools used by threat actors. According to samples…
Duncan Regional Hospital notifies more than 92,000 patients of data security incident
Charlene Belew reports: Officials with DRH Health, the leading healthcare provider in Stephens County, confirmed Friday, March 4 a data incident dating back to January of this year may have impacted protected health information for some patients. On Jan. 20, DRH reported an incident affected on of their servers, although an investigation launched immediately and…
Hackers leak 190GB of alleged Samsung data, source code
Ionut Ilascu reports: The Lapsus$ data extortion group leaked today a huge collection of confidential data they claim to be from Samsung Electronics, the South Korean giant consumer electronics company. The leak comes less than a week after Lapsus$ released a 20GB document archive from 1TB of data stolen from Nvidia GPU designer. In a note posted…