A Connecticut law firm is disclosing a breach that is still under investigation. The firm claims that it was in July that they received confirmation of data access. They do not reveal when the attack actually occurred or when it was first detected. DataBreaches.net has written to the firm to ask for clarification on the…
PA: Corry School District says ransomware attack may have exposed current — and very old — data on staff, students
Here we go again — another ransomware attack on a k-12 school district, and the threat actors may have obtained current — and very old — data on both students and personnel. Kudos to the district for promptly alerting their community as to the possibility and risks, but still, this is serious. So far, this…
UNC Hospitals Notifies Patients that Former Employee Used Patient Information for Personal Gain
CHAPEL HILL, N.C.–(BUSINESS WIRE)–UNC Hospitals announced that it has mailed letters to 719 patients whose information may be at risk for identity theft. On September 10, 2021, UNC Hospitals learned that one of its employees was using patient information for personal financial gain. The employee was responsible for handling payments from patients for services rendered…
Governments turn tables on ransomware gang REvil by pushing it offline
Joseph Menn and Christopher Bing broke the news yesterday: The ransomware group REvil was itself hacked and forced offline this week by a multi-country operation, according to three private sector cyber experts working with the United States and one former official. …. “The FBI, in conjunction with Cyber Command, the Secret Service and like-minded countries,…
Thief Who Swiped 94,000 Credit Card Numbers At Michaels Stores In NY, NJ, CT, PA Sentenced
Jerry DeMarco reports an update to a breach previously covered extensively on this site over the past decade. A member of an ID theft ring that stole more than $600,000 from customers at Michaels stores in New York, Connecticut, New Jersey, Pennsylvania, and elsewhere was sentenced to 51 months in federal prison on Thursday. Jose “Tito”…
Ohio State University email gaffe creates a FERPA breach
An email gaffe due to not using bcc: instead of cc: or TO: revealed almost 400 Ohio State University students’ disability status to other students. Read the story on The Lantern. Note that this is a FERPA issue, and there really is no requirement for breach notification to those impacted, but the unintended disclosure needs…