(Google translation:) Why falsify vaccination cards when you can issue certificates yourself? Shortly before Christmas, pharmacies are apparently the target of a phishing attack: Fraudsters send an email to the owners asking them to log into the DAV portal and confirm the new terms and conditions. The aim is apparently to formulate the login data. Pharmacist Dr. Thomas…
Evanston Township High School Defrauded Of $48,570 In Hack That Exposed 1,139 Identities
I’m backfilling a breach report from November as I just saw it now and it seems that others tracking k-12 data breaches may not have been aware of it, either. Jonah Meadows had reported that Evanston Township High School officials in Illinois were scammed out of more than $48,000 during a monthslong data breach that…
Luxemburg-Casco School District notifies employees of data breach
On November 18, 2021, Luxemburg-Casco School District in Wisconsin experienced a data security incident that resulted in unauthorized access to 1,399 individuals’ personal information involving their name in combination with social security number and financial account information without the PIN number or access code. In response to the breach, and in addition to offering those…
Health Ministry of Brazil Hit by Two Ransomware Attacks in One Week; Vaccination Data Stolen & Taken Offline
Scott Ikeda reports: While it is far from uncommon for an organization to announce that it has been hit by a ransomware attack, two in one week is an unusual event. Brazil’s Health Ministry is looking at extended downtime for the system that processes Covid-19 vaccination data as it attempts to recover from this exact…
The Medical Review Institute of America notifies patients of ransomware incident (updated)
The Medical Review Institute of America (“MRIoA”) collects protected health information (PHI) as part of providing clinical peer review for covered entities that request it (if the patient consents to provide info for the review). MRIoA was hit with ransomware in November. And although they do not directly state that they paid ransom, it sounds…
Ninth Circuit overturns $1.7 million restitution order for Russian hacker
Maria Dinzeo reports: Russian hacker Yevgeniy Nikulin is off the hook for $1.7 million in restitution a federal judge ordered him to pay four tech companies whose user databases he breached in 2012. The Ninth Circuit overturned the award Wednesday, finding insufficient support for the amount of resources the companies claim to have spent trying to repair…