Cyber Security Headlines: Philadelphia Inquirer cyber attack, DOT breach exposes federal employee data, 3 million data breach notices sent to SchoolDude users

Cyber attack hits Philadelphia Inquirer

Over the weekend, a cyber “incident” halted The Philadelphia Inquirer’s Sunday print edition. Staff reported issues accessing the company’s content management system, which is used to write, edit, and publish stories and titles. Inquirer publisher Lisa Hughes said this is the worst disruption Pennsylvania’s largest news organization has faced since a blizzard in 1996. She didn’t have “an exact timeline” for full restoration of its operations but said the Inquirer will continue to publish online articles and cover Tuesday’s mayoral primary elections.

(The Register)

Transportation Department cyber breach exposes federal employee data

The Department of Transportation has been hit with a data breach that may have exposed personally identifiable information of federal government employees. The data breach impacts nearly 240,000 current and former employees enrolled in the US Department of Transportation’s (DOT) transit benefit program called TRANServe. Compromised info may include TRANServe members’ account details, work contact info, home addresses, and SmarTrip and TRANServe Card numbers. According to the TRANServe program website, its benefits system is currently down due to unscheduled maintenance.


3 million data breach notices being sent to SchoolDude users 

Last Thursday, Brightly Software, a Siemens subsidiary, began issuing notification letters to 3 million current and former SchoolDude users, flagging a cybersecurity incident that occurred in late April. SchoolDude is an online platform offering various software solutions for educational institutions and technology professionals. Stolen info includes names, email addresses, phone numbers, school district names, and account passwords. The company is investigating the incident and has prompted a password reset for all SchoolDude user accounts.


WhatsApp now lets you lock chats with a password or fingerprint

Meta is rolling out ‘Chat Lock,’ a new WhatsApp privacy feature that allows users to block others from accessing personal conversations. Chat Lock will create a new folder that can be locked with a password or biometric methods like a fingerprint. Additionally, locked chat notifications are automatically hidden to prevent others from snooping while using the phone. Users can enable the new privacy feature by choosing the lock option after tapping the name of a one-to-one or group chat. 

(Bleeping Computer)

PharMerica leaks PII of 5.8 million deceased users

PharMerica Healthcare has disclosed that its systems were breached by a threat actor exposing PII of more than 5.8 million deceased individuals. The incident occurred from March 12-13 and exposed info including victim name, address, date of birth, Social Security number, medications, and health insurance details. Experts say that because the victims are deceased, relatives aren’t likely to regularly monitor their credit reports, making related cybercrimes even more difficult to detect and stop.

(Dark Reading)

Loved ones of the Buffalo shooting victims want social media platforms held responsible

A year after a racially motivated mass shooting took 10 innocent lives at a Tops grocery store in Buffalo, New York, the victims’ loved ones have filed a lawsuit against Meta (Facebook’s parent company), Google (YouTube’s parent company), Amazon (Twitch’s parent company), Reddit, Snapchat, Discord and 4Chan. The shooter livestreamed the attack on Twitch, which was taken down within two minutes, but was then uploaded to 4Chan and on Facebook, whose algorithm continued to recommend the video. The suit alleges the platforms facilitated the shooter’s white supremacist radicalization and claims their algorithms are designed to take advantage of teenagers by engaging them “through increasingly extreme and psychologically discordant content.” Section 230 of the 1996 Communications Decency Act protects social media platforms from legal accountability over content posted by users. This could pose a challenge to the suit, but Section 230 is currently facing legislative efforts and Supreme Court cases aiming to restrict companies’ immunity.


Ex-Ubiquiti employee imprisoned for $2 million crypto extortion scheme

Following up on a story Cyber Security Headlines brought to you back in April 2021, a former employee of tech firm Ubiquiti has been imprisoned for six years after confessing to trying to extort nearly $2 million worth of cryptocurrency from the company. Nickolas Sharp, who worked as a senior developer, was arrested for illegally accessing confidential data and attempting to extort 50 Bitcoin from the company by sending an anonymous email. Sharp not only perpetrated the breach but reportedly orchestrated the publication of misleading news articles about the company’s handling of the incident, ultimately leading to a loss of over $4 billion in the company’s market capitalization.

(Infosecurity Magazine)

Airline exposes passenger info to others due to a ‘technical error’

Latvian airline airBaltic has confirmed that a ‘technical error’ exposed reservation details of a small number of passengers to other airBaltic passengers. On Monday, the airline’s customers began reporting unexpected emails that addressed them by the name of another customer. The misrouted emails may have exposed passenger names, birth dates, email addresses and flight reservation numbers. airBaltic has begun emailing impacted passengers and said that no financial information was exposed.

(Bleeping Computer)

Sean Kelly is a cyber risk professional and leader who thrives on learning, collaborating and helping the business securely advance its mission. Sean is also a musician and outdoor enthusiast who loves spending time with his family and two cats.