Tag Archive for: Cyberattack

Florida Memorial University reportedly targeted in ransomware cyberattack | South Florida News

/in


Florida Memorial University (FMU), South Florida’s only historically Black college or university has reportedly fallen victim to a cybersecurity breach by the ransomware group known as INC Ransom. The specifics of the data compromised during this incident remain uncertain, and the university has yet to issue a formal statement regarding the breach.







INC Ransom Blog Post

INC Ransom posts on their blog confirming their recent attack on Florida Memorial University. 


In a disturbing display of their malicious capabilities, INC Ransom has uploaded a ‘proof pack’ on its website, showcasing scans of passports, Social Security numbers, and contractual documents, ostensibly sourced from FMU’s databases.







INC Ranson's FMU Proof Pack

INC Ransom has uploaded a so-called “proof pack” on its website, showcasing scans of passports, Social Security numbers, and contractual documents, ostensibly sourced from FMU’s databases.

Source…

Vans, North Face parent downplays cyberattack

/in


U.S. global apparel and footwear company VF Corporation, which owns Vans, The North Face, and Supreme, emphasized that the December cyberattack that impacted data from 35.5 million customers did not include any bank information or credit card details, The Register reports.

In an email sent to impacted individuals, VF Corp. insisted that it never collected or retained financial or payment information outside the payment method used for customer purchases while reassuring that the incident did not result in any password exposure. Attackers were able to compromise individuals’ full names, phone numbers, email addresses, and billing and shipping addresses, as well as order histories, payment methods, and total order values but there has been no evidence suggesting any misuse of such exfiltrated information, said VF Corp., which still urged affected customers to be wary of potential phishing, identity theft, and fraud incidents.

Immediate password changes for VF Corp. accounts and other accounts sharing similar credentials have also been advised.

Source…

City of St. Cloud Responds to Ransomware Cyberattack

/in


Early this morning, the City of St. Cloud reported a cybersecurity incident involving a ransomware attack targeting its systems. Officials have swiftly initiated a coordinated response, engaging with both state and local agencies to mitigate the impact of the attack and restore affected services promptly.

Despite the challenges presented by the cyberattack, the City of St. Cloud has maintained its commitment to public service, ensuring that city operations continue with minimal disruption. Government offices remain open, operating under adjusted conditions to address the current situation.

Key emergency services, including Police and Fire Rescue, are fully operational, with teams actively responding to all service calls. The City has also implemented temporary measures to ensure continuity in its public utilities and services. Notably, the Transfer Station is accepting payments in cash only for the time being, but trash and recycling collection schedules remain unchanged, emphasizing the City’s effort to maintain routine services for its residents.

In-person payments for Parks and Recreation are cash-only. Online facility reservation payments and online event registrations are still accepting credit card payments.

Residents requiring building inspections are encouraged to contact the designated hotline at 407-957-7224. Similarly, inquiries and requests for Public Works inspections can be directed to 407-957-7269, where city staff are available to provide assistance.

The City of St. Cloud appreciates the community’s patience and cooperation as it navigates through this cybersecurity challenge. Efforts to fully resolve the issue are underway, and updates will be provided as more information becomes available.

Source…

Colorado public defender cyberattack may have exposed personal data

/in


A screenshot shows redacted text messages provided to The Denver Post by the Governor’s Office of Information Technology in response to an open records request about the ransomware attack on the Office of the Colorado State Public Defender. (Image via Governor’s Office of Information Technology)

The Office of the Colorado State Public Defender has acknowledged personal data may have been stolen during a ransomware attack that crippled the statewide agency in early February — but won’t say much else about the ongoing effort to restore its systems after the hack.

Files “were copied without permission” during the cyberattack, which was discovered on Feb. 9, and those files may have included names, Social Security numbers, driver’s license numbers, medical information and health insurance information, the agency said in a statement Friday.

Officials from the public defender’s office are still investigating whose personal data may have been stolen, and whether the personal data of attorneys or their clients was compromised, they said. A statement on the agency’s website urges “individuals” to remain vigilant against identity theft and fraud.

It’s been more than a month since public defenders across the state were locked out of their computers and files in the ransomware attack and hundreds of court hearings were delayed over the next week because public defenders couldn’t do their jobs.

Officials this week refused to answer questions from The Denver Post about what particular parts of the agency’s systems remain inoperable. In a ransomware attack, hackers use malware to hold an organization’s data hostage then demand a payment in cryptocurrency in order for organizations to regain access to that data.

The public defender’s office also would not disclose the amount of ransom demanded or whether a ransom was paid. A statement on the agency’s website says the office has “made progress in returning to full operations.”

Heavily redacted emails and text messages released to The Post by the Governor’s Office of Information Technology this week in response to an open records request mention the cyberattack recovery law…

Source…