Security Patches and Windows TCO
-
LWN ☛ Security updates for Friday
Security updates have been issued by Debian (chromium, gimp-dds, horizon, libde265, thunderbird, vlc, and zbar), Fedora (java-17-openjdk and xen), Mageia (optipng, roundcubemail, and xrdp), Red Hat (postgresql), Slackware (samba), SUSE (chromium, containerd, docker, runc, libqt4, opera, python-django-grappelli, sqlite3, and traceroute), and Ubuntu (linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gkeop, and linux-azure, linux-azure-6.2, linux-azure-fde-6.2, linux-gcp, linux-gcp-6.2).
-
OAIC alleges Australian Clinical Labs hack resulted from lacklustre security measures
Australian Clinical Labs (ACL) parent company Medlab back in February 2022 announced that it had suffered a cyber attack at the hands of the Quantum hacking group, which stole 86 gigabytes worth of data belonging to over 200,000 people, which included health information, passport details, and credit card information (number, expiry and CVV).
Earlier this month, the OAIC commenced legal proceedings against Australian Clinical Labs, accusing it of a lack of appropriate security measures needed to protect its customers.
-
Data Breaches ☛ Pacific Cataract and Laser Institute confirms cyberattack [Ed: Windows TCO]
An undated notice on its website states that their communications systems and computers have been disrupted by a cyberattack.
“Our clinical and surgical equipment is operational and unaffected and we continue to see patients. Although some appointments have been canceled, we’re doing all we can to minimize that,” the notice states.
-
Personal information of 900 Butte School District employees compromised in cyberattack
Personal information, including social security numbers, was compromised in a cyberattack on the Butte School District that directly impacted more than 900 school district employees.
Butte School Superintendent Judy Jonart said employees have been offered 12 months of free credit monitoring protection.
[…]
School officials first noticed the district’s computer system was hacked on Nov. 4 and since then, the system has been shut down to prevent further intrusion.
-
Data Breaches ☛ PA: Great Valley School District Falls Victim to Ransomware Attack [Ed: Windows TCO]
As DataBreaches noted yesterday on infosec.exchange, the Medusa ransomware gang claims to have hit Great Valley School District in Pennsylvania. They provide a filetree showing a lot of Skyward, Canvas, PowerSchool, and other internal files, as well as 20+ screencaps of student info and employee info files to support their claim. They are demanding $600k from a district that has more than 4,000 students.
-
Data Breaches ☛ If you’re in Rock County, Wisconsin, do NOT read this post. Absolutely do not read this post.
If you’re in Rock County, Wisconsin, it seems your Information Technology Director and Corporation Counsel do not want you to know certain things about the September ransomware attack — even though people in the rest of the country may already know what they have decided not to tell you. They didn’t even tell your own county board certain details, it seems.
So let’s talk about what they didn’t disclose, because DataBreaches believes that consumers and patients who are victims of data breaches have a right to know and need to know so they can assess their risk and then make decisions on how to protect themselves.
[...]
By September 30, it had already been publicly reported that the threat actor was a ransomware group called Cuba, which is believed to be connected to Russia.