Joseph Menn and Christopher Bing report: The suspected Russian hackers who used SolarWinds and Microsoft software to burrow into U.S. federal agencies emerged with information about counter-intelligence investigations, policy on sanctioning Russian individuals and the country’s response to COVID-19, people involved in the investigation told Reuters. The hacks were widely publicized after their discovery late…
Two more ransomware attacks on the education sector revealed
In August, DataBreaches.net highlighted ransomware threat actors known as Pysa who have been attacking both the medical sector and the education sector — two sectors near and dear to this site’s publisher. Today, we report on two more school districts attacked by Pysa. Consolidated High School District 230 The Consolidated High School District 230 in…
Federal government announces two initiatives of note
In the news yesterday: Deputy Attorney General Lisa O. Monaco Announces National Cryptocurrency Enforcement Team Deputy Attorney General Lisa O. Monaco announced today the creation of a National Cryptocurrency Enforcement Team (NCET), to tackle complex investigations and prosecutions of criminal misuses of cryptocurrency, particularly crimes committed by virtual currency exchanges, mixing and tumbling services, and…
Ransomware actor tries to pressure Allen ISD by emailing parents
Benjamin Freed reports: The malicious actors behind a ransomware attack against a school district in Texas attempted to extract payment this week with what one analyst said appears to be an entirely new tactic: emailing parents of students with a threat that if school officials do not pay up, their kids’ personal information may be…
Twitch confirms hack, reports say 125gb of data lost in privacy breach
Nivedita Balu of Reuters reports: Amazon.com Inc’s live streaming e-sports platform Twitch said on Wednesday it was hit by a data breach, without providing further details. An anonymous hacker claimed to have leaked Twitch data, including information related to the company’s source code, clients and unreleased games, according to Video Games Chronicle, which first reported the news of the…
Telegraph newspaper bares 10TB of subscriber data and server logs to world+dog
Gareth Corfield reports: The Telegraph newspaper managed to leak 10TB of subscriber data and server logs after leaving an Elasticsearch cluster unsecured for most of September, according to the researcher who found it online. The blunder was uncovered by well-known security researcher Bob Diachenko, who said that the cluster had been freely accessible “without a…