Bill Toulas reports: The WordPress WP HTML Mail plugin, installed in over 20,000 sites, is vulnerable to a high-severity flaw that can lead to code injection and the distribution of convincing phishing emails. ‘WP HTML Mail’ is a plugin used for designing custom emails, contact form notifications, and generally tailored messages that online platforms send…
IRS Will Soon Require Selfies for Online Access
Brian Krebs reports: If you created an online account to manage your tax records with the U.S. Internal Revenue Service (IRS), those login credentials will cease to work later this year. The agency says that by the summer of 2022, the only way to log in to irs.gov will be through ID.me, an online identity verification service that…
Two covered entities who discovered breaches last summer first notifying patients
Two breaches that were first reported to HHS in November have now been more fully disclosed. Both of the following breaches were first reported to HHS in November as impacting 500 or 501 patients — entries that this site usually suspects are just “markers” for “we have no idea yet how many were impacted.” Anne…
CA: Chico State computer hacker sentenced
Chloe Curtis reports on an insider breach that exposed students’ personal information and requests for COVID vaccination exemptions: A 22-year-old Chico man was sentenced to probation, fines and community service after admitting to illegally hacking multiple computers at Chico State. Alejandro Benitez appeared in Butte County Superior Court on Thursday where he entered a plea…
Thousands of Indians’ Covid-19 related data leaked online (Updated to include NHA’s denial that it came from Co-WIN)
PTI reports: Personal data of thousands of people in India has been leaked from a government server which includes their name, mobile number, address and Covid test result, and these information can be now be accessed through an online search. The leaked data has been put on sale on Raid Forums website where a cyber…
Griggsville-Perry School District hit by ransomware attack; early dismissal
KHQA reported yesterday: The Griggsville-Perry School District in Pike County, Ill., has been the victim of ransomware hackers who are holding files hostage in return for a ransom. While administrators and staff deal with the fallout, schools in the district will dismiss early on Thursday and Friday. Shuttle busses will run at noon, and dismissal…