Hack

OH: Shaker Heights City School District discloses hacking incident

Shaker Heights City School District in North Carolina has notified the Maine Attorney General’s Office and the Montana Attorney General’s Office of a data security incident. The incident was discovered on January 30, 2022, but the investigation revealed that it had begun as early as September 1, 2021. Data were exfiltrated as part of...

How to Fight Foreign Hackers With Civil Litigation

Kellen Dwyer, Kim Peretti, and Emily Skahill of Alston & Bird write: The Department of Justice dealt a blow to global cybercrime on April 6 with the takedown of a massive botnet controlled by “Sandworm”—the Russian General Staff Main Intelligence Directorate (GRU) unit responsible for the 2017 NotPetya attack, among others. This operation reflects...

Mint gets data breach claims dismissed

Alyssa M. Sones of SheppardMullin writes about a data breach lawsuit with a somewhat different, albeit unsuccessful, approach. Sones explains: Fraser’s allegation that Mint had a role in helping the hacker gain control of his phone number sets this case apart from the typical data breach case….. Fraser alleges that Mint allowed Fraser’s number...

Parker-Hannifin discloses breach affecting employee health plan data

On March 14, Parker-Hannifin discovered unauthorized access to to their IT systems that began three days earlier.  Their investigation determined some files on Parker’s IT systems had been accessed and possibly acquired by the attacker. The information involved related to current and former employees, their dependents, and members of Parker’s Group Health Plans (including...

Law Firm Cyber Breach May Impact 23K, Including Financial Institution Client’s Customers

Justin Henry reports: The cyberattack of Philadelphia midsize law firm Stevens & Lee has grown to include 23,066 people whose personal information was potentially compromised, including customers of the firm’s financial institution clients, according to public records. The new figure, revealed in notices to authorities last month, is a sharp increase from the 344 potentially impacted individuals reported...

DEA Investigating Breach of Law Enforcement Data Portal

Brian Krebs reports: The U.S. Drug Enforcement Administration (DEA) says it is investigating reports that hackers gained unauthorized access to an agency portal that taps into 16 different federal law enforcement databases. KrebsOnSecurity has learned the alleged compromise is tied to a cybercrime and online harassment community that routinely impersonates police and government officials to harvest...

NZ: Data breach on AA Traveller website

RNZ reports: AA Traveller said the website was in use between 2003 and 2018 and allowed customers to make travel bookings, enter competitions and take part in surveys. In a statement on its website AA Traveller said it “recently discovered a vulnerability in the application where the AA Traveller information was stored and that...