Security and FUD Leftovers
-
U.K. Cyber Thug “PlugwalkJoe” Gets 5 Years in Prison
Joseph James “PlugwalkJoe” O’Connor, a 24-year-old from the United Kingdom who earned his 15 minutes of fame by participating in the July 2020 hack of Twitter, has been sentenced to five years in a U.S. prison. That may seem like harsh punishment for a brief and very public cyber joy ride. But O’Connor also pleaded guilty in a separate investigation involving a years-long spree of cyberstalking and cryptocurrency theft enabled by “SIM swapping,” a crime wherein fraudsters trick a mobile provider into diverting a customer’s phone calls and text messages to a device they control.
-
Black Basta Ransomware
What is Black Basta Ransomware? Black Basta is a threat group that provides ransomware-as-a-service (RaaS).
-
Personal data leaks as Perpetual hit by ransomware attack
On its website, Perpetual lists Tech Mahindra as its registry provider. The Indian firm has suffered a ransomware attack that came to light in March 2021, when its Smart City Project in Pune crippled 25 of its servers.
Perpetual has about $210 billion in funds under management. The company said it had previously reported an extended outage as a result of the incident.
-
Akira Ransomware Expanded its Toolkit to Attack Linux Machines [Ed: The issue here is VMware, not Linux, but Microsoft-connected sites are running anti-Linux campaigns for Microsoft lately]
A newly emerged ransomware known as Akira expands its operations to target Linux-based platforms, adding the “.akira” file extension to each compromised file.
-
Linux version of Akira ransomware targets VMware ESXi servers
By targeting ESXi servers, a threat actor can encrypt many servers running as virtual machines in a single run of the ransomware encryptor.
-
Security updates for Thursday [LWN.net]
Security updates have been issued by Debian (chromium and maradns), SUSE (iniparser, kubernetes1.23, python-reportlab, and python-sqlparse), and Ubuntu (accountsservice and linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon).
-
Lumberton ISD cyberattacked, personal information stolen
Global hackers that took aim at a foreign government have also claimed responsibility for a data breach at Lumberton ISD, according to an email sent to an East Texas newspaper. Wanting to warn the local school district’s stakeholders about the compromised intel, staff from the out-of-town daily reached out to The Examiner with the news on June 26. […]
According to Edwards, the email from Rhysida contained attachments showing W-9 files, Social Security cards, Texas Driver licenses, passports, a substitute teacher’s application form, spreadsheets that appear to contain Social Security numbers of students or employees, a vendor form with a Social Security number and tax identification number, and addresses from Lumberton ISD.
-
Barrow County notifies people of a breach that began more than a year ago
The notice does not state when they first discovered the breach, but only that “Upon learning of the incident, Barrow County promptly began an internal investigation and engaged a forensic security firm to investigate the incident and secure its computer and email systems.”
-
Ransomware attack at Chattanooga State affects data of 1,244 people
A ransomware attack discovered at Chattanooga State Community College in May compromised the personal information of 1,244 people, according to the college.
The majority of the people affected had taken the GED test at the college’s testing center in 2012 and 2013, the college said in a news release Tuesday.
-
Pilot Applicant Information for American, Southwest Hacked
The attack exposed personal information from pilot applicants, prompting both airlines to ditch their third-party provider and move services internally.
-
Lawyer censured for using TeamViewer to snoop on former firm's business activity
A lawyer in Cherry Hill, New Jersey, has been censured after acknowledging that he “fell into stupid” and accessed his former law firm’s computer system to monitor his former partner’s business activity.
The New Jersey Supreme Court censured lawyer Justin L. Scott in a May 31 order, Law360 reports.
The New Jersey Supreme Court’s disciplinary review board had recommended a censure in an October 2022 decision.
-
More than a million NHS patients’ details compromised after cyberattack
NHS details of more than a million patients have been compromised in a cyberattack, senior health chiefs have been warned.
A recent ransomware attack on the University of Manchester affected an NHS patient data set that holds information on 1.1 million patients across 200 hospitals, leaks to The Independent have confirmed.
Among the details potentially exposed are NHS numbers and the first three letters of patients’ postcodes.
-
Federal lawsuit blames Whitworth University for ransomware attack last summer, loss of data
A Whitworth University student is asking a federal judge to approve a class action against the school for damages stemming from a ransomware attack discovered in July 2022 that affected more than 65,500 people.
The lawsuit, filed Thursday in U.S. District Court in Spokane, alleges Whitworth was negligent in allowing a still-unidentified attacker to access health, financial and personal data of past and present students, staff and faculty. It was filed by Patrick Loyola, identified in court documents as a student at the time of the attack. The university initially reported the incident as a “sophisticated security issue” in August before informing the Washington attorney general’s office in October that a ransomware attack had occurred.
-
High school changes every student’s password to ‘Ch@ngeme!’
After a cybersecurity audit mistakenly reset everyone’s password, a high school changed every student’s password to “Ch@ngeme!” giving every student the chance to hack into any other student’s account, according to emails obtained by TechCrunch.
Last week, Oak Park and River Forest (OPRF) High School in Illinois told parents that during a cybersecurity audit, “due to an unexpected vendor error, the system reset every student’s password, preventing students from being able to log in to their Google account.”
-
Henrietta Johnson Medical Center patients affected by breach at Delaware Health Network
The Henrietta Johnson Medical Center in Delaware has posted notice that some patient data was involved in a breach at Delaware Health Network (“DHN”). DHN is a healthcare-controlled network provider and electronic health records management provider that provides services to Henrietta Johnson Medical Center (“HJMC”) and other entities.
According to HJMC’s notice, DHN experienced a “cyber event” that began on April 5. That incident involved unauthorized access to systems and the copying of certain files. And also according to their notice, to date, DHN has not identified the precise patient data that may have been impacted. Unsurprisingly, then, HJMC submitted a report to HHS on June 27 that indicated 500 patients were affected, which DataBreaches interprets as a marker for “Hey, we know we have more than 500 patients affected and we have to report within 60 days, so we’re letting you know we had a breach.”