Keenan & Associates is sending notices of a data breach to 1.5 million customers, warning that hackers accessed their personal information in a recent cyberattack. Keenan is a California-based insurance brokerage and consulting firm with an established presence in the education, healthcare, and public agencies sectors. Since 2017, it has been part of AssuredPartners NL, one of the largest brokerage firms in the U.S. READ MORE...
On Jan. 28, the Freehold Township School District informed its staff, families, and students that its schools and offices would be closed today due to a cybersecurity incident. School officials said that because of the incident, the district, located in Freehold, N.J., was experiencing technical difficulties and that it is working with third-party cybersecurity experts to address the issue. READ MORE...
Schneider Electric's Sustainability Business division is dealing with a ransomware attack that also appears to have resulted in a data breach, the French industrial giant said on Monday. According to the company, the incident is limited to its Sustainability Business division, which it has described as an "autonomous entity operating its isolated network infrastructure". READ MORE...
Three former Department of Homeland Security (DHS) employees were sentenced to prison for stealing proprietary U.S. government software and databases containing the personal data of 200,000 federal employees. The three individuals are Charles K. Edwards, a former Acting Inspector General of the DHS Office of Inspector General (DHS-OIG), Sonal Patel, a member of the department IT staff, and Murali Y. Venkata, also from the IT department. READ MORE...
A massive database containing the information of roughly 750 million individuals in India was offered for sale on the dark web earlier this month, cybersecurity company CloudSEK reports. The database, 1.8 terabytes in size, contains personal information such as names, mobile phone numbers, addresses, and Aadhaar details (the Aadhaar number is unique to an individual and serves for identification purposes). READ MORE...
Ivanti confirmed a patch designed to mitigate two zero-day vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure will be delayed until this week, according to an updated blog post released Friday. The authentication-bypass and command-injection vulnerabilities have been actively exploited since early December, impacting thousands of organizations and leading the Cybersecurity and Infrastructure Security Agency to issue an emergency directive for Federal Civilian Executive Branch agencies. READ MORE...
Juniper Networks has released patches for multiple vulnerabilities in the J-Web component of Junos OS on SRX series firewalls and EX series switches, including a high-severity bug. Accessible from a browser, the J-Web interface allows administrators to monitor, configure, troubleshoot, and manage devices running the Junos operating system. The most severe of the resolved issues is a cross-site scripting flaw tracked as CVE-2024-21620 (CVSS score of 8.8). READ MORE...
For decades, governments and companies have surveilled the conversations, movements, and behavior of the public. And then the internet came along and made that a whole lot easier. Today, search engines collect our queries, browsers collect our device information, smartphones collect out locations, social media platforms collect our conversations, and governments either collect that same information from the companies that maintain it, or they gather it directly themselves by monitoring their people. READ MORE...
ChatGPT is leaking private conversations that include login credentials and other personal details of unrelated users, screenshots submitted by an Ars reader on Monday indicated. Two of the seven screenshots the reader submitted stood out in particular. Both contained multiple pairs of usernames and passwords that appeared to be connected to a support system used by employees of a pharmacy prescription drug portal. READ MORE...