ChildFund in New Zealand has issued a public notice about a data breach involving a telemarketing company, Pareto Phone Limited. ChildFund had contracted with Pareto in 2014 to conduct fundraising activity on its behalf. ChildFund does not say when it may have stopped working Pareto, but Pareto suffered a cyberattack in April of this...
Graham Cluley writes: UK charities including Shelter, the RSPCA, the Dogs Trust, Battersea Dogs and Cats Home, and Friends of the Earth have warned their supporters that hackers have stolen their data following a breach at a supplier. The charities themselves haven’t been hacked. The problem instead lies with third-parties working with the charities...
Claudia Glover reports: Save the Children appears to have been hacked by the Chinese data extortion gang BianLian, according to data posted to the latter’s victim blog. Though it does not mention the charity by name, the cybercrime organisation claims to have stolen up to 8GB of files from an international NGO “employing over...
Jonathan Greig reports: One of the oldest historical societies in the state of Ohio was hit with a ransomware attack that leaked the sensitive information of thousands, according to a statement the organization released this week. The Ohio History Connection is a statewide history nonprofit chartered in 1885 that manages more than 50 sites...
On June 24, DataBreaches reported that the National Student Clearinghouse was one of the victims of the MOVEit breach by Clop, In that report, DataBreaches stated that the clearinghouse’s statements to date had not indicated whether they had paid any ransom demand, but DataBreaches had learned that their name had been removed from Clop’s...
Jessica Gould reports: The New York City Department of Education estimates that the personal data of some 45,000 students was compromised as part of a breach involving the file transfer software MOVEit. Officials said the compromised data includes social security numbers, birth dates and certain student evaluations, though the specific types of data breached...
Laura Dobberstein reports: Singapore-based threat intelligence outfit Group-IB has found ChatGPT credentials in more than 100,000 stealer logs traded on the dark web in the past year. The amount of stolen accounts steadily climbed from 74 in June 2022 to 26,902 in May 2023. April 2023 was an outlier – a moderate decline was...
Analysis by Tim Starks with research by David DiMolfetta: A long-awaited report on the cybersecurity vulnerabilities of election machines in Georgia was finally released alongside another report on Wednesday, but the two sides of a long-running dispute over the security of the state’s election machines can’t agree on what conclusions to draw. The first report — by...
In early May, a new group of threat actors known as Nokoyawa added Canopy Children’s Solutions in Mississippi to their leak site. On June 2, Mississippi Children’s Home Society, CARES Center, Inc., Mississippi Children’s Home Services, Inc., d.b.a. Canopy Children’s Solutions (“Canopy”) a press release acknowledging that on April 4, they experienced an attack...
“I’m Not Pro-Russia and I’m Not a Terrorist!” —- InfraGard and Airbus Hacker “USDoD” Unveils His New Campaigns