Another week in the books! Here’s what made cybersecurity headlines this week that you might have missed:
After investigation into a recent data breach at Cargills Bank in Sri Lanka that exposed customer and employee information, documents were leaked that suggest that the company had previously been warned about its inadequate security measures.
These documents indicate that the bank had been warned about security issues such as poor firewall management, no user access reviews, sensitive data shared with no password protection, lack of proper data retention and deletion, inconsistency with updates and patches, and more.
(–Source: ReadMe
Read More: Cargills data breach: Bank warned of security lapses in 2024 )
The recent data breach on Nationwide Recovery Services, which the city of Chattanooga’s government uses for debt collection, has compromised city data. The Chattanooga mayor learned of this breach last Friday when a letter dated February 7th informing the city of the breach finally made it to the mayor’s office.
As of right now, it appears that no information other than debt collection data was compromised in this incident, but the city has launched an investigation into the matter, stating that the failure to ensure that information reaches necessary channels is unacceptable.
(–Source: WDEF
Read More: City of Chattanooga investigating data breach – WDEF )
Everest, a well-known Russia-linked ransomware gang, had their leak site hacked and defaced. The hacker(s), calling themselves “Prague”, replaced the ransomware gang’s site with a message that read: “Don’t do crime CRIME IS BAD xoxo from Prague.”
At this time, not much is known about this incident.
(–Source: TechCrunch on MSN
Read More: Someone hacked ransomware gang Everest’s leak site )
Fall River public schools’ internal system was hit by a cyberattack, leaving the district, which does not have insurance for these kinds of incidents, potentially forced to pay out-of-pocket for data recovery.
This attack, which was discovered on Monday, has left the district with no email or internet access for the rest of the week, possibly longer, as investigation occurs. Students and staff are unable to use school computers at this time.
(–Source: Yahoo! News
Read More: Fall River schools chief: No insurance for cyberattack; says computer system remains down )
Port of Seattle has sent out data breach notification letters as well as posted a notice on their website to inform individuals affected by the data breach that occurred in August 2024. Around 90,000 people were notified.
The letter confirms that the Rhysida ransomware group was responsible for the attack. The group reportedly “accessed and downloaded some personal information from Port systems.” This information was then held for ransom, but the Port did not give into the group’s payment demands.
(–Source: TechRadar Pro on MSN
Read More: Port of Seattle ransomware breach exposes data on around 90,000 people )
Food manufacturing company, WK Kellogg, employees had their sensitive data exposed in a recent breach that occurred in December 2024 after the hackers exploited a vulnerability in file transfer software.
The company discovered the breach in late February 2025 and filed an incident report last week. It’s believed that the Clop ransomware group is responsible, as tWK Kellogg was mentioned on the group’s leak site in February. Affected employees have been notified of the incident and are being offered one year of free identity theft protection tools.
(–Source: Infosecurity Magazine
Read More: WK Kellogg Confirms Data Breach Tied to Cleo Software Exploit – Infosecurity Magazine )
Oregonians needing car-emissions inspections must now wait until next week due to a cyberattack on Oregon’s Department of Environmental Quality.
This attack is taking a toll on the department, leading officials to close inspection stations throughout the state Thursday and Friday this week while cybersecurity professionals investigate the incident and restore systems. The extent of this attack is not yet known, but the department’s environmental data management system, which is hosted on a different server, remains online.
(–Source: OregonLive.com on MSN
Read More: Cyberattack causes Oregon DEQ to halt car inspections for rest of week )
