1. Home
  2. Cybersecurity Events

Take action on the latest cybersecurity events

Cybersecurity advisories and events as they happen, with a clear action you can take.

Data leak of student bursary amounts at Cambridge's Clare College
published: Dec. 2, 2023
A mass email from Clare College's student accounts office unintentionally disclosed the financial details and full names of numerous bursary recipients, prompting the college's bursar to acknowledge the data security lapse and request students to delete the sensitive email.
Take action: Check email recipient address very carefully. It's so easy to make a mistake when sending emails.
Cloud provider impacted by ransomware causes outages at 60 credit unions
published: Dec. 2, 2023
Around 60 U.S. credit unions are experiencing outages from a ransomware attack on their cloud service provider, Ongoing Operations, on November 26, 2023, prompting the NCUA's coordination and new server migration. The recovery efforts are ongoing, and NCUA has implemented mandatory incident reporting within 72 hours.
Fred Hutchinson Cancer Center reports cyberattack during Thanksgiving week
published: Dec. 2, 2023
The Fred Hutchinson Cancer Center in Seattle was hit by a cyberattack affecting its clinical network, leading to the network's shutdown. An investigation by forensic teams and law enforcement has started with uncertainty regarding the extent of patient data compromised, amidst similar attacks on other healthcare organizations.
Deer Oaks mental health care provider impacted by cyberattack and data breach
published: Dec. 2, 2023
Deer Oaks - The Behavioral Health Solution, a provider of psychological and psychiatric services to long-term care and assisted living residents, reported a data breach affecting over 100,000 Texans, exposing personal information.
Affinity Legacy, Inc. reports MOVEit related data breach
published: Dec. 1, 2023
Affinity Legacy, Inc., has disclosed a MOVEit related data breach at a former vendor affecting 5,538 former Medicare Advantage members, involving unauthorized file access and exposing personal data like names and social security numbers. The organization is now providing affected members with identity protection services.
Corewell Health reports MOVEit related data breach
published: Dec. 1, 2023
A cyberattack on May 30 targeting Corewell Health's MOVEit Transfer server, managed by Welltok, Inc., resulted in a data breach affecting over a million Michigan residents and compromising personal and medical information. Welltok is notifying affected individuals and offering support through a dedicated assistance line and the Michigan Attorney General’s Consumer Protection Team.
Securities America, Inc. reports data breach at third party supplier McCord LLC exposing SSNs
published: Dec. 1, 2023
On November 14, 2023, Securities America, Inc reported a data breach at McCord LLC involving unauthorized access to an advisor's email and compromising personal client information. SAI is issuing notification letters to affected individuals.
Berglund Management Group car dealership reports data breach exposing over 50K people
published: Dec. 1, 2023
The Berglund Management Group Inc., a Roanoke, Virginia-based car dealership, disclosed a data breach on November 22 affecting over 50,000 individuals, where sensitive information like names and social security numbers was accessed. The company has responded by providing credit monitoring services and issuing notices to potentially impacted customers.
Blue Shield of California reports MOVEit related data breach, exposing patient data
published: Dec. 1, 2023
Blue Shield of California was targeted by a MOVEit vulnerability attack between May 28 and May 31, compromising members' personal information, and leading the company to set up a call center and offer free credit monitoring services to affected members.
Great Valley School District impacted by ransomware attack by Medusa gang
published: Dec. 1, 2023
The Medusa ransomware gang targeted the Great Valley School District in Pennsylvania, releasing sensitive files and demanding $600,000, with the district confirming the attack and refusing to pay the ransiom. The district is reporting potential theft of data including Social Security numbers and medical information, which raises concerns about data protection practices due to discovered medical documents that the district didn't have any reason to store.