US wireless carrier T-Mobile is informing some customers that their personal information was compromised in a recent data breach. After being alerted to unauthorized activity on its systems, the company discovered that a malicious actor had access to a "small number" of T-Mobile accounts between late February and March 2023. According to the wireless carrier, no personal financial account information or call records were compromised in the incident.
Students and teachers at the Minneapolis Public School (MPS) District, which suffered a huge ransomware attack at the end of February, have had highly sensitive information about themselves published on the web, including allegations of abuse by teachers and psychological reports. MPS initially said that it had refused to pay a US $1 million ransom to its extortionists, and that it had successfully restored its encrypted systems via backups.
German IT services provider Bitmarck has shut down all of its customer and internal systems, including entire datacenters in some cases, following a cyberattack. In an April 30 update posted on its temporary website, the company, one of the largest service providers for German health insurers, said no customer, patient, or insured individuals' data had been accessed in the security breach, at least not according to "the current state of knowledge."
US Wellness has learned of a data security incident that may have involved personal and/or protected health information belonging to members of its wellness clients. US Wellness has sent notification letters to potentially involved individuals to notify them about this incident and provide resources to assist them. On January 31, 2023, US Wellness' vendor experienced a security incident that disrupted access to certain systems.
A ransomware group has leaked files showing the extent of their access to Western Digital systems and it appears that the hackers were closely monitoring the company's initial response to the breach from within its network. The digital storage giant announced a service outage on April 2 and the next day it confirmed that the cause was a cyberattack. The company at the time admitted that the hackers had gained access to some data, but it did not share any details.
The Russia-linked APT28 hacking group targeted Ukrainian government bodies in a spear-phishing campaign that uses phony "Windows Update" guides. In April, CERT-UA observed malicious emails being sent on Microsoft Outlook from what appeared to be system administrators at government bodies - with a subject line that read "Windows Update." The emails sought to trick the recipients into "launching a command line and executing a PowerShell command."
We've written about the uncertainty of Apple's security update process many times before. We've had urgent updates accompanied by email notifications that warned us of zero-day bugs that needed fixing right away, because crooks were already onto them, but without even the vaguest description of what sort of criminals, and what they were up to, which would at least help to round out the story.
The US Cybersecurity and Infrastructure Security Agency (CISA) has added three vulnerabilities to its known exploited vulnerabilities catalog, including an Oracle WebLogic flaw patched by the vendor in January. There do not appear to be any public reports describing exploitation of the WebLogic vulnerability. The security hole, tracked as CVE-2023-21839, can be exploited for remote code execution, allowing an attacker to take complete control of the targeted server.