Security

Govtech giant Conduent won’t rule out cyberattack as outage drags on

Security /

An ongoing “service interruption” at government contractor giant Conduent sparked outages across several U.S. states, leaving residents without access to some benefits and support payments. A person familiar with the incident told TechCrunch the outage was caused by a cyberattack. Conduent spokesperson Sean Collins acknowledged the company’s outage was ongoing, but declined to answer questions […]

Govtech giant Conduent won’t rule out cyberattack as outage drags on Read More »

Toronto school district says 40 years of student data stolen in PowerSchool breach

Security /

Canada’s largest school board says hackers may have accessed some 40 years’ worth of student data during the recent PowerSchool breach.  In a letter sent to parents this week, the Toronto District School Board (TDSB) said that the data breach affected all students enrolled in the district between September 1985 and December 2024.  The school

Toronto school district says 40 years of student data stolen in PowerSchool breach Read More »

How victims of PowerSchool’s data breach helped each other investigate ‘massive’ hack

Security /

On January 7, at 11:10 p.m. in Dubai, Romy Backus received an email from education technology giant PowerSchool notifying her that the school she works at was one of the victims of a data breach that the company discovered on December 28. PowerSchool said hackers had accessed a cloud system that housed a trove of

How victims of PowerSchool’s data breach helped each other investigate ‘massive’ hack Read More »

Treasury sanctions Salt Typhoon hacking group behind breaches of major US telecom firms

Security /

The U.S. government has announced sanctions against a Chinese organization with links to Salt Typhoon, the hacking group responsible for the largest telecoms hack in U.S. history.  The Treasury Department’s Office of Foreign Assets Control (OFAC) announced on Friday that it had sanctioned a China-based cybersecurity company, known as Sichuan Juxinhe Network Technology, which it

Treasury sanctions Salt Typhoon hacking group behind breaches of major US telecom firms Read More »

Malware stole internal PowerSchool passwords from engineer’s hacked computer

Security /

A cyberattack and data breach at U.S. edtech giant PowerSchool that was discovered December 28 threatens to expose the private data of tens of millions of school children and teachers.  PowerSchool told customers the breach was linked to the compromise of a subcontractor’s account. TechCrunch learned this week of a separate security incident, involving a

Malware stole internal PowerSchool passwords from engineer’s hacked computer Read More »

Clop ransomware gang names dozens of victims hit by Cleo mass-hack, but several firms dispute breaches

Security /

The prolific Clop ransomware gang has named dozens of corporate victims it claims to have hacked in recent weeks after exploiting a vulnerability ​​in several enterprise popular file transfer products developed by U.S. software company Cleo.  In a post on its dark web leak site, seen by TechCrunch, the Russia-linked Clop gang listed 59 organizations

Clop ransomware gang names dozens of victims hit by Cleo mass-hack, but several firms dispute breaches Read More »

Governments call for spyware regulations in UN Security Council meeting

Security /

On Tuesday, the United Nations Security Council held a meeting to discuss the dangers of commercial spyware, which marks the first time this type of software — also known as government or mercenary spyware — has been discussed at the Security Council.  The goal of the meeting, according to the U.S. Mission to the UN,

Governments call for spyware regulations in UN Security Council meeting Read More »

PowerSchool data breach victims say hackers stole ‘all’ historical student and teacher data

Security /

U.S. school districts affected by the recent cyberattack on edtech giant PowerSchool have told TechCrunch that hackers accessed “all” of their historical student and teacher data stored in their student information systems.  PowerSchool, whose school records software is used to support more than 50 million students across the United States, was hit by an intrusion

PowerSchool data breach victims say hackers stole ‘all’ historical student and teacher data Read More »

UnitedHealth hid its Change Healthcare data breach notice for months

Security /

Change Healthcare, the UnitedHealth-owned healthtech company that lost more than 100 million people’s sensitive health data in a ransomware attack last year, said on Tuesday that the company has “substantially” completed notifying affected individuals about the massive data breach. The February 2024 ransomware attack on Change Healthcare, one of the biggest processors of patient billing

UnitedHealth hid its Change Healthcare data breach notice for months Read More »

Hackers are exploiting a new Fortinet firewall bug to breach company networks

Security /

Security researchers say malicious hackers have been exploiting a newly discovered vulnerability in Fortinet firewalls to break into corporate and enterprise networks. In an advisory published Tuesday, security product maker Fortinet confirmed that a critical-rated vulnerability in its FortiGate firewalls, tracked as CVE-2024-55591, is “being exploited in the wild.”  Fortinet made patches available, but security

Hackers are exploiting a new Fortinet firewall bug to breach company networks Read More »