Dissent

Centinela Valley Union High School District notifies employees of W-2 phishing incident

 Posted by at 1:52 pm  Education Sector, Phishing, U.S.
Feb 202019
 

Ding! Ding! Ding!

I think we have our first W-2 phishing report of this year, although of course I may have missed other ones. This one involves the Centinela Valley Union High School District in California.  From their notification to the state:

As a follow up to the email sent to you on January 31, 2019, we wanted to provide you additional information about the recent incident involving your personal information.

What Happened

On January 31, 2019, we learned that one of our employees received a phishing email designed to appear as if it came from one of our other employees. Upon discovery, we immediately began an investigation to determine the scope of the incident and to verify what information may have been affected. We also notified the IRS, state tax boards, and federal law enforcement authorities, and we are cooperating with their ongoing investigation.

As a result of this phishing incident, an unauthorized individual may have obtained IRS Form W-2 information for our employees, including employee names, addresses, Social Security numbers, and 2018 wage information.

Read more of the full notification here.

As of the 2008-2009 school year, the district had 614 employees. I do not yet know the current number, however.

The Average Ransomware Payment Is Rising – Coveware researchers

 Posted by at 11:29 am  Commentaries and Analyses, Malware
Feb 202019
 

Danny Bradbury reports:

The average ransomware payment is growing as criminals become more sophisticated in their attacks, according to a report released by ransomware incident response company Coveware.

According to Coveware’s Q4 2018 Global Ransomware Marketplace Report, the average ransom increased by 13% to $6733 in Q4 2018 compared to Q3’s $5973.

It’s difficult to judge the statistical margin of error for these figures because the company, which bases the data on ransomware cases handled by its support team, doesn’t divulge the exact number of ransomware cases that it has dealt with. However, it says that the increase is probably down to the more targeted nature of recent attacks.

Read more on Infosecurity Magazine.

Turkish Data Protection Authority Announces The Procedure To Be Taken By Companies In Cases Of Data Breaches

 Posted by at 10:54 am  Breach Laws, Commentaries and Analyses, Legislation, Non-U.S., Of Note
Feb 202019
 

Ertuğrul Can Canbolat LL.M., Baran Can Yildirim, LL.M. and S. İrem Akin of Actecon write:

Article 12 of the Turkish Data Protection Law No. 6698 (“TurkishData Protection Law“) entitled “Obligations Regarding Data Security” deals with the obligations of the data controller.

Article 12/1 of the Turkish Data Protection Law states the data controller shall take all necessary technical and organizational measures to provide a sufficient level of security. In addition, Article 12/5 of the Law obliges the data controller to notify the Board of Protection Personal Data (“Board“) as well as data subjects in case personal data is acquired through unlawful means by stating that “in case processed personal data are acquired by others through unlawful means, the data controller shall notify the data subject and the Board of such situation as soon as possible. The Board, if necessary, may declare such situation on its website or by other means which it deems appropriate.”

Read more on Mondaq.

h/t, @CampusCodi

AU: Malware locks up 15,000 medical files at Cabrini Hospital, hackers demand ransom

 Posted by at 10:43 am  Health Data, Malware, Non-U.S.
Feb 202019
 

Cameron Houston and Anthony Colangelo report:

A cyber crime syndicate has hacked and scrambled the medical files of about 15,000 patients from a specialist cardiology unit at Cabrini Hospital and demanded a ransom.

The attack is now the subject of a joint investigation by Commonwealth security agencies.

Melbourne Heart Group, which is based at the private hospital in Malvern, has been unable to access some patient files for more than three weeks, after the malware attack crippled its server and corrupted data.

So this is a situation in which we might understand why an entity would pay the demanded ransom, but in this case, the ransom may have been paid but the data were reportedly corrupted when the entity went to decrypt.

Read more on The Age.

Microsoft says hackers tried to breach European think tanks and non-profit organizations

 Posted by at 10:31 am  Hack, Non-U.S.
Feb 202019
 

Saheli Roy Choudhury reports:

Microsoft said hackers targeted European think tanks and non-profit organizations which often have contact with government officials.

The attacks were carried out late last year through phishing campaigns to steal employee credentials and deliver malware, the tech giant said in a blog post on Wednesday.

The company said it detected attacks targeting employees of the German Council on Foreign Relations and European offices of The Aspen Institute and The German Marshall Fund through malicious websites and spoofed email addresses that looked legitimate.

Read more on CNBC.

 Older Entries