Shakedown Social

0 posts0 participants0 posts today

Dissent Doe :cupofcoffee:York County, Pennsylvania incident: An employee of a vendor that had been hired to develop software for York County Civil Courts was provided “with certain York County Civil Courts data to use for software development and testing purposes. The employee subsequently left the vendor’s employment without returning this data,” according to the county's press release.So it seems they gave the vendor's employee REAL data to use for development and testing -- with "contact information, Social Security numbers, driver’s license or state ID card numbers, financial and medical information"And of course, there's no evidence of misuse, but they have referred the matter to law enforcement.....h/t, <a href="https://www.pennlive.com/news/2025/05/central-pa-county-alerts-residents-of-potential-data-leak.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.pennlive.com/news/2025/05/central-pa-county-alerts-residents-of-potential-data-leak.html</a><a href="https://infosec.exchange/tags/infosecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosecurity</a> <a href="https://infosec.exchange/tags/govsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#govsec</a> <a href="https://infosec.exchange/tags/insiderthreat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#insiderthreat</a>

Dissent Doe :cupofcoffee:WBAL-TV11 started digging into the <a href="https://infosec.exchange/tags/Kairos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Kairos</a> attack on the State Attorney's Office for the City of Baltimore. Kairos had exfiltrated 325 GB of files, and none of it appeared to have been protected with any encryption. My previous report on the incident can be found here: <a href="https://databreaches.net/2025/04/19/baltimore-city-states-attorneys-office-hacked-data-leaked/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://databreaches.net/2025/04/19/baltimore-city-states-attorneys-office-hacked-data-leaked/</a> The city has now confirmed they had a breach (they were notified by law enforcement as they hadn't detected it on their own, it seems). But they are not giving out any details or answering any questions. See WBAL-TV's coverage at <a href="https://www.wbaltv.com/article/baltimore-states-attorney-office-cybersecurity-incident/64551797" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.wbaltv.com/article/baltimore-states-attorney-office-cybersecurity-incident/64551797</a>So, of course, I have now filed a public records request under <a href="https://infosec.exchange/tags/MPIA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MPIA</a> to try to get answers to some questions because the state ignored all of my polite email inquiries. Did I ever mention that I hate not getting answers to questions? :)<a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/govsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#govsec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a>

Dissent Doe :cupofcoffee:NEW by me: Baltimore City State’s Attorney’s Office hacked; Data leaked <a href="https://databreaches.net/2025/04/19/baltimore-city-states-attorneys-office-hacked-data-leaked/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://databreaches.net/2025/04/19/baltimore-city-states-attorneys-office-hacked-data-leaked/</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/GovSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GovSec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/Kairos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Kairos</a>

Dissent Doe :cupofcoffee:The U.S. And Its Allies Are Pledging Never To Pay Hacker Ransoms: <a href="https://themessenger.com/tech/ransomware-us-international-hacking-ransom-pledge" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://themessenger.com/tech/ransomware-us-international-hacking-ransom-pledge</a>From the article:"Data provided to the U.S. government by ransomware negotiators shows that companies with good backups are able to recover “far more quickly” than companies that pay a ransom, according to the senior administration official." My questions: So when they don't have a good backup and have pledged not to pay, what exactly is going to happen next? And if this does work, does that just shift the threat actors over even more to softer targets like, say,  healthcare and education entities?<a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ransomware</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/extortion" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#extortion</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#incidentresponse</a> <a href="https://infosec.exchange/tags/govsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#govsec</a> <a href="https://infosec.exchange/tags/pledge" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pledge</a> <a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@brett</a> <a href="https://mastodon.social/@campuscodi" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@campuscodi</a> <a href="https://infosec.exchange/@douglevin" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@douglevin</a> <a href="https://infosec.exchange/@amvinfe" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@amvinfe</a>

Dissent Doe :cupofcoffee:Does anyone know who was responsible for this attack on Maries County, Missouri that also affected their 911 system too? <a href="https://abc17news.com/news/maries/2023/09/26/maries-county-emergency-managements-says-it-was-hit-with-cyber-attack-says-one-911-call-affected/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://abc17news.com/news/maries/2023/09/26/maries-county-emergency-managements-says-it-was-hit-with-cyber-attack-says-one-911-call-affected/</a><a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@brett</a> <a href="https://mastodon.social/@campuscodi" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@campuscodi</a> <a href="https://ioc.exchange/@jgreig" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@jgreig</a> <a href="https://infosec.exchange/tags/cyberattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cyberattack</a> <a href="https://infosec.exchange/tags/govsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#govsec</a> <a href="https://infosec.exchange/tags/infosecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosecurity</a>

Dissent Doe :cupofcoffee:Cyberattack causes St. Louis County to shut down some public safety computer servers:<a href="https://www.stltoday.com/news/local/government-politics/cyberattack-causes-st-louis-county-to-shut-down-some-public-safety-computer-servers/article_bdb52ede-51c5-11ee-9ac5-23aa74956aa9.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.stltoday.com/news/local/government-politics/cyberattack-causes-st-louis-county-to-shut-down-some-public-safety-computer-servers/article_bdb52ede-51c5-11ee-9ac5-23aa74956aa9.html</a>KCTV reports that three other municipalities also reported REJIS-related system issues:<a href="https://www.kctv5.com/2023/09/12/kansas-city-area-municipal-courts-suspend-services-due-security-related-incident/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.kctv5.com/2023/09/12/kansas-city-area-municipal-courts-suspend-services-due-security-related-incident/</a>REJIS is a government agency that serves criminal justice departments across Missouri and in Illinois and Kansas.<a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/GovSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GovSec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/software" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#software</a> <a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@brett</a> <a href="https://ioc.exchange/@jgreig" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@jgreig</a> <a href="https://infosec.exchange/@BleepingComputer" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@BleepingComputer</a>

Recent searches

Search options

Administered by:

Server stats:

#govsec