CT Cyber Alerts is our way of keeping Connecticut residents aware of local cyber attacks. Unfortunately, hackers are targeting CT more than most places; according to the FBI, we're the fifth most targeted state in the nation. Our sources include:
Subscribers get a text-based email the instant this page is updated with a new alert.
Quest Diagnostics is putting out a warning after it was hit with a massive data breach. The information may include financial data, social security numbers and medical records, though the company said laboratory test results were not exposed.
West Hartford school officials warned parents that Total Registration, company that handles registration for advanced placement and other testing, may have had a data breach and certain information provided by students including name, grade level, gender, date of birth, address, email address, and parent/guardian names may have been exposed, but it did not extend to credit card numbers or social security numbers.
Connecticut-based Southeastern Council on Alcoholism and Drug Dependence is notifying 25,148 patients that their data was potentially breached during a February ransomware attack. A review determined that data such as patient names, addresses, Social Security numbers, medical histories, and treatments was compromised because of the attack.
A new phishing scam is targeting the HR departments of companies in an effort to reroute direct deposits. It involves fraudsters rerouting direct deposit accounts, and once checks are made, the paycheck will instead go directly into the criminal’s account.
Operators of Connecticut's banks, credit unions and thrifts essentially wear two hats. As investors, they leverage collected deposits into loans. As financial fiduciaries, they, too, accept responsibility for protecting depositors' private information and shielding accounts from thieves and hackers.
It's with their fiduciary hats on that Connecticut's deposit-collecting institutions, with support from state bank regulators and law enforcement, are promoting legislation — Senate Bill 811 — that would substantially raise state penalties for those convicted of depositor scams.
The confidential personal information of approximately 12,000 Baystate Health patients was accessed as part of a recent email phishing incident. An investigation showed patient information was contained in the emails, including patient names and dates of birth, health information including diagnoses, treatment information and medications, and in some cases health insurance information.
Plymouth is the latest Connecticut town to fall victim to hackers, according to the mayor. He confirmed that computers on the town networks suffered a ransomware attack that began with an email. The town's IT team is working to determine the extent of the breach.
Colchester First Selectman Art Shilosky confirmed that computers on the town networks are infected with ransomware. He would not say how many departments are affected or when the issue was discovered, but said that Connecticut State Police and their insurance carriers are investigating.
A new study by AllAreaCodes.com found Connecticut to be the seventh most targeted state in America for robocall phone scams during tax season. The study ranked the states for tax scams after analyzing 15 million consumer complaints released by the FTC over the last three years.
In the first few months of 2019, we've observed a sudden increase in the volume of calls and emails from clients regarding suspicious emails. Tammy, Director of Client Services, said "A client just recently had a new employee who hadn’t taken the security training yet, clicked on an attachment in an email that caused them to get a crypto virus. We were able to remediate relatively quickly but it could have been a catastrophe. Same customer uses RDS rather than VPN against our recommendation to connect to their server. This leaves a port opened that can allow an intruder to brute force their RDP server. The effect of this vulnerability allowed for them to overload the resources of the RDS server. Again we were able to remediate quickly so it didn’t cause too much downtime."
UConn Health released a statement saying they recently learned “that an unauthorized third party illegally accessed a limited number of employee email accounts” and said it has secured the impacted accounts. They identified around 326,000 people whose personal information was contained in a compromised email account and the information included Social Security numbers for around 1,500 people.
The optometry offices of Dr. Thomas DeLuca, Dr. Antony Marciano & Associates announced on Jan. 25 they had been victimized by a ransomware attack last November. The hacker also made away with personal information from the 26,000 patient files DeLuca had on record, potentially including patients’ names, Social Security Numbers and some health information.
The home design app informed members f a breach of its user data it discovered more than a month ago, advising any people registered to use Houzz to change their password and stating it has contacted law enforcement.
The city school district’s computer network was attacked by a virus caused by an outside entity that intended to hold district data hostage for ransom. The damage was loosing data that has been theirs: years’ work of lesson plans and teaching materials stored on district servers.
An entity calling itself Workplace Compliance Services has been sending an official-looking form to limited liability companies that cites a state law requiring the filing of annual reports with the Secretary of the State. It then tells the owners to fill out the form and mail it in — with a $110 fee — to get help filing the reports.
Production of a number of US newspapers (including Union-Tribune papers in Florida, Chicago and Connecticut) belonging to the Tribune Group was adversly affected by a cyber attack thought to involve Ryuk ransomware. The attack was first noticed at the San Diego Union-Tribune, when some editors found they were unable to send completed pages to the printing facilities.