Wisconsin Physicians Service Insurance Corporation (WPS) is notifying roughly 950,000 individuals that their personal information was stolen in the MOVEit campaign last year. The MOVEit hack was disclosed in May 2023, after Progress Software discovered that the Russian-speaking Cl0p ransomware group had exploited a zero-day in the MOVEit Transfer managed file transfer (MFT) software to access customer data. READ MORE...
Sensitive data on nearly 1 million Medicare beneficiaries in Wisconsin was compromised last year by a ransomware group's attack spree targeting a zero-day vulnerability in Progress Software's MOVEit file-transfer service. The Centers for Medicare & Medicaid Services said its contractor Wisconsin Physicians Service Insurance Corp. was impacted by the widely-exploited MOVEit vulnerability, in a Friday news release. READ MORE...
Payment gateway provider Slim CD is notifying roughly 1.7 million individuals that their personal and credit card information was stolen in a ten-month-long data breach. The incident was discovered on June 15, 2024, but the attackers had access to Slim CD's systems since August 17, 2023, the company says in an incident notice (PDF). "That access may have enabled an unauthorized actor to view or obtain certain credit card information between June 14, 2024, and June 15, 2024," Slim CD explains. READ MORE...
Highline Public Schools, a K-12 district in Washington state, has shut down all schools and canceled school activities after its technology systems were compromised in a cyberattack. In a statement issued Monday, the district confirmed that all schools would remain closed, and all activities, including athletics and meetings, would be canceled on September 9. However, the district's central office remains open, and staff have been instructed to report for work. READ MORE...
The NoName ransomware gang has been trying to build a reputation for more than three years targeting small and medium-sized businesses worldwide with its encryptors and may now be working as a RansomHub affiliate. The gang uses custom tools known as the Spacecolon malware family, and deploys them after gaining access to a network through brute-force methods as well as exploiting older vulnerabilities like EternalBlue (CVE-2017-0144) or ZeroLogon (CVE-2020-1472). READ MORE...