Sergiu Gatlan reports: Many LastPass users report that their master passwords have been compromised after receiving email warnings that someone tried to use them to log into their accounts from unknown locations. The email notifications also mention that the login attempts have been blocked because they were made from unfamiliar locations worldwide. If you are…
Another T-Mobile cyberattack reportedly exposed customer info and SIMs
Mitchell Clark reports: T-Mobile has suffered another cyberattack after being rocked by a massive data breach in August. This time around, attackers accessed “a small number of” customers’ accounts, according to documents posted by The T-Mo Report. According to the report, customers either fell victim to a SIM swapping attack (which could allow someone to bypass SMS-powered two-factor authentication), had…
Monterey Peninsula Unified School District notifying current and former employees of data security incident
The Monterey Peninsula Unified School District has been notifying current and former employees of a data security incident that they discovered on or about November 1. They do not explain how they became aware that their network may have been subject to unauthorized access. W In their notification, a copy of which was submitted to…
SD: Brown County received notification of a breach when computer system shut down in August
Elisa Sand reports: Months after the Brown County computer system was down for an extended stretch, a few details about the incident are being confirmed. Emergency Management Director Scott Meints said the incident started on Aug. 1 when the county’s information technology department received a notification that an external agency had set up malware to…
Kearsarge Regional School District notified parents of data security incident
On November 4, external counsel for Kearsarge Regional School District in New Hampshire notified the New Hampshire Attorney General’s Office about a data security breach. According to the notification, on August 27, the threat actor was able to access and possibly acquire a file containing information on 1,825 students enrolled in the district’s meal plan…
Shutterfly services disrupted by Conti ransomware attack
Lawrence Abrams reports: Photography and personalized photo giant Shutterfly has suffered a Conti ransomware attack that allegedly encrypted thousands of devices and stole corporate data. Although many associate Shutterfly with their website, the company’s photography-related services are aimed at consumer, enterprise, and education customers through various brands such as GrooveBook, BorrowLenses, Shutterfly.com, Snapfish, and Lifetouch. Read…