10th September 2021 | Target: MyRepublic | Reported Here
MyRepublic says almost 80,000 of its mobile subscribers in Singapore have had their personal data compromised, following a security breach on a third-party data storage platform. The affected system had contained identity verification documents needed for mobile services registration, including scanned copies of national identity cards and residential addresses of foreign residents.
The “unauthorised data access” incident was uncovered on August 29 and the relevant authorities had been informed of the breach, said MyRepublic in a statement Friday.
7th September 2021 | Target: Howard University | Reported Here
Howard University, one of the largest historically Black schools in the United States, canceled classes Tuesday after a ransomware attack.
The attack shut down the campus Wi-Fi, and nonessential employees were instructed to not report to work, the university announced Monday. In-person classes will resume Wednesday, but online classes remain canceled until at least Thursday.
6th September 2021 | Target: Jenkins Software | Reported Here
In a statement, Jenkins documentation officer Mark Waite explained that the affected server was taken offline and the team is investigating the impact of the issue.
“At this time we have no reason to believe that any Jenkins releases, plugins, or source code have been affected. Thus far in our investigation, we have learned that the Confluence CVE-2021-26084 exploit was used to install what we believe was a Monero miner in the container running the service,” Waite wrote.
2nd September 2021 | Target: Dallas ISD | Reported Here
The Dallas Independent School District says they learned of a data breach about a month ago that affects former and current students, alumni, parents, and district employees.
In an FAQ on their website, the district said someone downloaded data from their server and temporarily stored it on an encrypted cloud storage site. The district said the data have since been removed from that site and that there is no evidence it was otherwise accessed, disseminated, or sold but that they cannot be sure the data has not been shared publicly until a forensic analysis is completed.
30th August 2021 | Target: Dupage Medical Group | Reported Here
DuPage Medical Group experienced a security breach that reportedly may affect 600,000 patients, the group announced Aug. 30. Now, the medical group, Illinois’ largest independent physician group, is mailing letters to notify patients of the cyberattack.
The unauthorized use occurred between July 12-13 and caused a network outage. On Aug. 17, after an investigation by cyber forensic specialists, the medical group determined patient information may have been reached by “unauthorized actors.”
30th August 2021 | Target: Bangkok Airways | Reported Here
The LockBit ransomware gang has apparently struck again, having purportedly stolen 103GB worth of files from Bangkok Airways and promising to release them tomorrow, on Tuesday.
A Dark Web intelligence firm calling itself DarkTracer (apparently a separate intel firm than the better-known DarkTrace) tweeted a screen capture of a countdown clock from LockBit 2.0 that, as of Friday, showed four and a half days left. “LockBit ransomware gang has announced Bangkok Airways on the victim list,” DarkTracer tweeted. “It announced that 103GB of compressed files will be released.”
27th August 2021 | Target: Boston Public Library | Reported Here
The Boston Public Library said Friday that it is experiencing “a systemwide technical outage” after being targeted by a cyberattack.
“On Wednesday morning, 8/25, the Boston Public Library experienced a systemwide technical outage due to a cybersecurity attack, pausing public computer and public printing services, as well as some online resources,” the library said in a statement. “Affected systems were taken offline immediately, and proactive steps were taken to isolate the problem and shutdown network communication. There is currently no evidence that sensitive employee or patron data has been disclosed.”
24th August 2021 | Target: Peterborough, Hampshire | Reported Here
The town of Peterborough, New Hampshire, said Monday that it has lost $2.3 million in taxpayer dollars as the result of a cyberattack.
“It pains us to inform the residents and taxpayers of Peterborough that, like so many other towns and cities, we have fallen victim to an internet-based crime that has defrauded our taxpayers of $2.3m,” Select Board Chairman Tyler Ward and Town Administrator Nicole MacStay said in a press release posted to Facebook.
17th August 2021 | Target: Chase bank | Reported Here
New York City-based JPMorgan Chase Bank has admitted that a technical bug on its online banking website and app led to the accidental leak of customer data… to other customers.
Incidents of customer data breaches have been on the rise over the past year, alongside numerous instances of organized, targeted cyberattacks affecting organizations big, small, and in-between. Many incidents came about as bad actors, emboldened by the lack of data security on many platforms and targeting go-between service providers, orchestrated cyber intrusions that have ended up affecting thousands of businesses globally.
11th August 2021 | Target: Georgia Health System | Reported Here
A ransomware attack on one of southeast Georgia’s largest healthcare systems exposed both staff and patients’ protected health information (PHI.)
St. Joseph’s/Candler (SJ/C) announced on August 10 that it experienced “a data security incident that may have resulted in unauthorized access to patient and employee information,” according to a press release.
The Georgia-based healthcare system, which has 116 service locations across the state, identified suspicious activity in its network on June 17, 2021, according to the press release