Audra Streetman reports: The University of Colorado released new information on Friday about the Accellion data breach that compromised more than 310,000 university records. Officials say the data accessed in the breach includes personally identifiable information, including grades and transcript data, visa and disability status, medical and prescription information and in limited cases, Social Security…
Search Results for: accellion
Vulnerability: Est. Millions of Users of Popular Educational Platform Exposed to Account Takeover Threats And More
A lot of universities have been attacked recently. Not all attacks are related to the Moodle vulnerability described in this report (e.g., all the Accellion-related university breaches), but the Moodle vulnerability worth noting and addressing if it applies to your uni. Chase Williams reports: At the beginning of October 2020, the Wizcase cyber research team, led by…
UPDATE: Trillium Health IT specialist pleads guilty to stealing personal info from colleagues’ computers
Some days, I see a name in my news feed and think, “Oh, I know about that breach already.” But then I doublecheck, only to learn that no, this was not the breach I had covered a week or so ago, but yet another breach involving the same name or a similar name. Such is…
Mobikwik offers master class in how NOT to respond to a breach; researchers scoff, consumers rage
Things have rapidly escalated in the wake of Mobikwik’s repeated denials that the digital wallet and payments network firm had a massive breach. As DataBreaches.net reported on Sunday, more than 8 TB of data from the firm had been listed for sale on a popular forum, data that allegedly included KYC (Know Your Customer) data…
Threat actors leak files with protected health information from U. Miami
In December and January, threat actors successfully exploited multiple vulnerabilities in an older file transfer system by Accellion. A number of Accellion’s clients subsequently found themselves on the receiving end of extortion demands to either pay the threat actors, or have their data dumped publicly. A number of firms apparently refused to pay, and their…
Malaysia call centre worker jailed for retrieving Singtel customer details that were later sold to loan sharks
Lydia Lam reports: A team leader at a call centre in Malaysia handling technical support for Singtel customers helped an ex-colleague retrieve information from more than 1,000 business accounts belonging to licensed moneylenders. The information, which included bills, company names and landline numbers, was later used by data sellers to carry out loan sharking activities….