Nampa School District Email Breach

It was reported on Thursday, March 15th, 2018 that the Nampa school district in Nampa, Indiana was potentially compromised, possible revealing personal employee information. It was discovered that an individual had previously had unauthorized access to an e-mail account belonging to the school district, putting approximately 4,000 employees at risk, both past and present. The breach was under control within a few hours of detecting the unauthorized log in. It was determined that the source of the log-in was from outside of the country, and that only the singular e-mail was affected, and not the entire system.

 

The Nampa school district worked with an independent security investigation firm known as Navigant. It is believed by the officials that no personal employee data, such as names, social security numbers, or financial information was compromised.Steps taken as a result of this have been issuing system wide password changes, which is required by all employees. Additionally, it was stated that “Employees whose information was included in this account will receive one year of complimentary identity protection services.”
Source: https://www.kivitv.com/news/nampa-school-district-investigating-security-breach

Advertisements

Home Depot contains malware, but not before 56 million cards were impacted.

A few weeks ago, there were evidence that Home Depot had a security breach when credit cards were put up for sale on a black market website. This was already covered by this blog in this post. Since then, Home Depot has not only confirmed a breach, but that it had existed from April to September 2014. The release also tells that the malware was found in American and Canadian stores installed in the self-checkout machines, and have been removed from use. There were no signs of data breaches in normal checkout machines, Mexican stores, American or Canadian online websites. Despite card information being compromised, there were no signs that PIN numbers were recorded. Home Depot has also finished installing enhanced encryption in U.S stores on September 15 and Canadian stores are expected to be finished in early 2015. The breach was closed but after 56 million cards were affected. The malware used in this breach was reported to not have been seen in other attacks, however there are signs that this breach was done by the same group of hackers responsible for Target last year. According to Krebsonsecurity.com, the thieves were stealing card information up to five days after first signs of the breach on September 2nd. As of September 22, 2014, Home Depot holds the record for the largest retail card breach. Second place goes to TJX with 45.6 million cards and third place goes to Target with 40 million.

-David Mauriello