Days after an infrastructure package was passed in the U.S. Senate, a phishing attack sent government contractors to a sham, but official looking, website that asked for their credentials. In other cyber security news, a master’s student at the University of South Wales was discovered to have been hacking the school’s systems to access and sell test data.
Olympus suffers regional ransomware attack
Medical tech company Olympus released a statement regarding a cyberattack that affected their systems and offices based in the EMEA region. The company believes that no information was stolen during the incident, though the investigation is still ongoing. They did reveal a ransom note similar to ones used by the BlackMatter ransomware group, and a Tor website that the group had used previously to communicate with victims.
Ransomware eliminates all records for Arizona medical practice
Following a ransomware attack on Desert Wells’ Family Medical, officials for the practice have begun contacting their 35,000 patients to inform them of a complete loss of medical records. While the medical practice did have full backups of all patient records, the attackers were able to fully encrypt both copies, leaving the data irretrievable. The practice believes that no information was removed from the systems before the encryption took place.
U.S. DOT contractors targeted by massive phishing campaign
Just days after the passage of the $1 trillion dollar infrastructure bill by the US Senate, many engineering contractors that regularly work with the U.S. Department of Transportation (DOT) began receiving phishing emails. The emails attempted to impersonate DOT officials requesting bids for phony Federal infrastructure work. The phishing campaign originated from a newly registered domain, transportationgov.net, and contained a large clickable button that took users to a landing page that requested additional login credentials before sending them on to an actual DOT page.
MyRepublic breach compromises thousands of customers
Roughly 80,000 customers of mobile carrier MyRepublic Singapore have been affected by a data breach of an unsecured storage database. While the breach did reveal some identifying information, payment card data was not accessed during the unauthorized intrusion and the company has already begun contacting and offering credit and identity monitoring services to all affected customers. Customers have been warned to monitor any suspicious text messages they may receive, as they could be directly linked to the attackers using the stolen contact information to commit further fraud.
University of South Wales hacked by masters’ student
For nearly 2 years, two students at the University of South Wales committed illegal intrusion into the school’s computer systems in order to steal exam answers and sell them. The University discovered the intrusion after numerous students returned identical answers to several exam questions. As a result, the university scanned through login requests to identify the specific IP address that the attack originated from. Two students lived at the residence the IP address led to and they have both pled guilty to selling the stolen exam materials. In total, the students used stolen staff credentials to enter the system nearly 700 separate times.