Feb 202019

Ding! Ding! Ding!

I think we have our first W-2 phishing report of this year, although of course I may have missed other ones. This one involves the Centinela Valley Union High School District in California.  From their notification to the state:

As a follow up to the email sent to you on January 31, 2019, we wanted to provide you additional information about the recent incident involving your personal information.

What Happened

On January 31, 2019, we learned that one of our employees received a phishing email designed to appear as if it came from one of our other employees. Upon discovery, we immediately began an investigation to determine the scope of the incident and to verify what information may have been affected. We also notified the IRS, state tax boards, and federal law enforcement authorities, and we are cooperating with their ongoing investigation.

As a result of this phishing incident, an unauthorized individual may have obtained IRS Form W-2 information for our employees, including employee names, addresses, Social Security numbers, and 2018 wage information.

Read more of the full notification here.

As of the 2008-2009 school year, the district had 614 employees. I do not yet know the current number, however.

Feb 202019

Michael P. Rellahan reports:

A breach of Chester County government’s computer system via an internet bug led to intense work by county computer specialists over the Presidents Day weekend, but apparently has not led to any compromise of users’ information, a county spokesperson said Tuesday.

Chester County’s Department of Computing and Information Services (DCIS) detected and late last week responded to potential malware activity on the county’s computer network, getting assistance from third-party cybersecurity consultants, said Chester County Communications Coordinator Rebecca Brain.

Read more on The Daily Local.  In response to the incident, the county sounds like it is really tightening up its security in some respects, and no longer allows employees to use county computers or the county network for personal use, etc.

Feb 172019

Sarah Wynn reports:

The Ohio Department of Commerce says thousands of letters were sent by the state to those who qualify for unclaimed funds, but the letters were sent to the wrong people. The letters include personal information, including names and social security numbers, according to the state.

“Due to a processing error, approximately 9,000 consumers were mailed forms that were inaccurate,” the Ohio Department of Commerce’s Division of Unclaimed funds announced in a release on Friday.

Read more on ABC6.

Feb 172019

Linda A. Moore reports:

A former Rhodes College student pleaded guilty Tuesday to hacking into the college’s computer system to change his grades and keep his scholarship.

Michael Geddati, 20, was a freshman pre-med major when between December 2017 and May 2018, he accessed various systems without authorization to raise his grades.

Geddati’s actions were detected after a faculty member noticed that the grade in the computer system was higher than the one Geddati had earned.

The investigation showed that on dozens of occasions, Geddati logged in as an instructor. He frequently changed his grades and was able to download an exam ahead of when it was given.

Read more on Commercial Appeal, including a description of the terms of a plea deal and a statement from the college.  And because Geddati’s job involves working with computers, he has been ordered to tell his employer about the case. The judge told Geddati, “They need to know what you’ve done and what you’re capable of doing.”


Feb 172019

Michael Seiden reports:

Piles of partially burned medical records were discovered across the street from a metro Atlanta medical center, Channel 2 Action News has learned.

Southside Medical Clinic said they have no idea how the records got there.

A viewer alerted Channel 2’s Michael Seiden to the issue in a parking lot across the street from the clinic. Seiden went to an abandoned building across the street, where he found hundreds of patient documents in a dumpster and others stored outside in shipping crates.

Read more on WSBTV.