John Koziol reports: For the second time this year, a North Country nonprofit organization based in the city has been hit by a ransomware attack. Hackers struck the Androscoggin Valley Regional Refuse Disposal District this spring, with the district paying an undisclosed amount to get its computer files back, while on Monday hackers targeted Coos…
Reports of ePHI breaches are everywhere, but not always were you might look
There are a number of journalists or sites that monitor news and legal notices for disclosures of breaches involving protected health information (PHI). And it’s tempting, when you see that the entity is a business, to just skip on by. But don’t. If a business has a health plan for employees, then they may be…
IN: Carmel Clay Schools notifying 15,817 after compromise of employee email accounts
On February 24, 2021, Carmel Clay Schools in Indiana discovered suspicious activity involving employee email accounts. Their investigation revealed that there had been unauthorized access between February 15 – February 24. It took the district, working with third-party forensic specialists, until August 31 to determine everyone who may have had personal information in the compromised…
VA: Greensville County Public Schools hit by Grief threat actors
Grief threat actors have added another k-12 district to their list of victims who have refused to pay their ransom demands. Greensville County Public Schools in Emporia, Virginia was added to Grief’s dark web leak site on September 21. But by September 15, the district had already disclosed that they were dealing with a cyberware…
Police investigating City of Helsinki data breach involving over 140 victims
The Helsinki Times reports: Helsinki police have begun a preliminary investigation into the actions of an employee of the City of Helsinki, who violated data privacy regulations by accessing the personal information of several individuals in the healthcare system without permission. In July, the City revealed that the employee, who worked in the social services and…
State-sponsored hacking group targets Port of Houston using Zoho zero-day
Catalin Cimpanu reports: A suspected state-sponsored hacking group has attempted to breach the network of the Port of Houston, one of the largest port authorities in the US, using a zero-day vulnerability in a Zoho user authentication appliance, CISA officials said in a Senate hearing today. Port officials said they successfully defended the attack, and “no…