School Board hacked after emails of contractors compromised

Emily Burleigh reports: The Calcasieu Parish School Board has been the victim of a cyber fraud incident. “Because we at the Calcasieu Parish School Board believe in full honesty and transparency, we want to make stakeholders aware of a cyber fraud incident involving our district,” CPSB spokesperson Holly Holland said in a statement to...

AU: NDIS case management system provider breached

Justin Hendry reports: A security breach of a cloud-based client management system used by National Disability Insurance Scheme (NDIS) service providers has exposed a “large volume” of health and other sensitive data. CTARS, a Sydney-based software and analytics provider for the disability and care sectors, this week revealed an unauthorised third-party had gained access...

Data breach at Australian pension provider Spirit Super impacts 50k victims following phishing attack

Jessica Haworth reports: A phishing attack at Australian pension provider Spirit Super has resulted in “some personal details being compromised”. The ‘super fund’ confirmed that user data was breached on May 19, 2022 after an employee’s email account was accessed. An investigation into the incident found that there was “unauthorized access to a mailbox containing personal...

Today’s exercise in reading between the lines

A recent notification by Aon had DataBreaches wondering exactly what went on with their incident response. Consider their description of what happened: What Happened? On February 25, 2022, Aon identified a cyber incident that, upon investigation, impacted a limited number of systems. Once the incident was discovered, Aon immediately retained leading cybersecurity firms to...

Ransomware attack sends New Jersey county back to 1977

Brandon Vigliarolo reports: Somerset County, New Jersey, was hit by a ransomware attack this week that hobbled its ability to conduct business, and also cut off access to essential data. “Services that depend on access to county databases are temporarily unavailable, such as land records, vital statistics, and probate records. Title searches are possible...

Martin University discloses ransomware incident

Martin University in Indianapolis disclosed that they were hit by a ransomware attack on January 3, 2022, and have been investigating the incident since then. As is often the case with these attacks, the university was unable to determine whether there had been actual access to files with personal information. As a result, they...

Illuminate Education Breach Included Los Angeles Unified & Riverside County Districts, Pushing Total Impacted to Over 3M

Update of June 15:  For updates on this incident, your best resource is Kristal Kuykendall and THE Journal . Hats off to Kristal Kuykendall and THE Journal for tracking the Illuminate Education breach. Kykendall reports: The breach of student data that occurred during a January 2022 cyberattack targeting Illuminate Education’s systems is now known to...