Take action on the latest cybersecurity events

Cybersecurity advisories and events as they happen, with a clear action you can take.

A mass email from Clare College's student accounts office unintentionally disclosed the financial details and full names of numerous bursary recipients, prompting the college's bursar to acknowledge the data security lapse and request students to delete the sensitive email.
Around 60 U.S. credit unions are experiencing outages from a ransomware attack on their cloud service provider, Ongoing Operations, on November 26, 2023, prompting the NCUA's coordination and new server migration. The recovery efforts are ongoing, and NCUA has implemented mandatory incident reporting within 72 hours.
The Fred Hutchinson Cancer Center in Seattle was hit by a cyberattack affecting its clinical network, leading to the network's shutdown. An investigation by forensic teams and law enforcement has started with uncertainty regarding the extent of patient data compromised, amidst similar attacks on other healthcare organizations.
Deer Oaks - The Behavioral Health Solution, a provider of psychological and psychiatric services to long-term care and assisted living residents, reported a data breach affecting over 100,000 Texans, exposing personal information.
Affinity Legacy, Inc., has disclosed a MOVEit related data breach at a former vendor affecting 5,538 former Medicare Advantage members, involving unauthorized file access and exposing personal data like names and social security numbers. The organization is now providing affected members with identity protection services.
A cyberattack on May 30 targeting Corewell Health's MOVEit Transfer server, managed by Welltok, Inc., resulted in a data breach affecting over a million Michigan residents and compromising personal and medical information. Welltok is notifying affected individuals and offering support through a dedicated assistance line and the Michigan Attorney General’s Consumer Protection Team.
On November 14, 2023, Securities America, Inc reported a data breach at McCord LLC involving unauthorized access to an advisor's email and compromising personal client information. SAI is issuing notification letters to affected individuals.
The Berglund Management Group Inc., a Roanoke, Virginia-based car dealership, disclosed a data breach on November 22 affecting over 50,000 individuals, where sensitive information like names and social security numbers was accessed. The company has responded by providing credit monitoring services and issuing notices to potentially impacted customers.
Blue Shield of California was targeted by a MOVEit vulnerability attack between May 28 and May 31, compromising members' personal information, and leading the company to set up a call center and offer free credit monitoring services to affected members.
The Medusa ransomware gang targeted the Great Valley School District in Pennsylvania, releasing sensitive files and demanding $600,000, with the district confirming the attack and refusing to pay the ransiom. The district is reporting potential theft of data including Social Security numbers and medical information, which raises concerns about data protection practices due to discovered medical documents that the district didn't have any reason to store.