—– A DataBreaches.net report by Dissent and Chum1ng0 —– In Part 1 of this series, DataBreaches.net described a number of attacks by Pysa (mespinoza) threat actors on medical entities in the U.S. In Part 2, we look at eight k-12 public school districts in the U.S. who either appear on the threat actors’ dedicated leak…
Illinois’ FOID Card System Hit By Cyber Attack
WROK1440 reports: Some parts of Illinois state government have really been taking it on the chin from the bad guys in cyberspace. On the heels of cyber attacks on the Illinois Attorney General’s Office and the Illinois Department of Employment Security, comes word of trouble for the Illinois State Police (ISP). So What Happened? Last Thursday, the…
Greenway Health investigating claims by threat actors of a cyberattack (updated)
Update of August 10: Following publication of our article with a statement from Greenway Health that the attack appeared to be on a former client and not them (but it was under investigation), DataBreaches.net checked the threat actor’s leak site today and found the entire listing is gone. This could mean a number of things,…
Chanel Korea issues apology over data theft
Kim Jae-heun reports: Online thieves managed to steal customer data, including phone numbers, in a cyberattack on some data centers managed by Chanel Korea. It’s unknown whether clients affected by the data leak will take legal action against the French luxury brand’s Korean firm.In a rare move, Chanel Korea issued a public apology after disclosing…
Actively exploited bug bypasses authentication on millions of routers
Sergiu Gatlan reports: Threat actors actively exploit a critical authentication bypass vulnerability impacting home routers with Arcadyan firmware to take them over and deploy Mirai botnet malicious payloads. The vulnerability tracked as CVE-2021-20090 is a critical path traversal vulnerability (rated 9.9/10) in the web interfaces of routers with Arcadyan firmware that could allow unauthenticated remote attackers to bypass authentication….
Vision for Hope notification of data security incident
Hope started as a school in Illinois for children with disabilities, but it expanded its mission over the years. This is a notification they posted on August 3: Vision for Hope (“Hope”) recently discovered an incident that may have involved the personal information or protected health information of some of its patients or other individuals….