The Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) has alerted local authorities in the US to an apparently widespread phishing campaign in which unknown actors are contacting election officials with spoofed emails. The Wall Street Journal reports that EI-ISAC describes the messages as “potentially malicious,” although most don’t include the malicious links normally used in phishing.
Document services company Nitro says it sustained a “low impact security incident,” but BleepingComputer says researchers at Cyble have found Nitro user and document information for sale on the dark web.
The law firm Fragomen, Del Rey, Bernsen & Loewy, which provides Google with I-9 employment verification compliance services, disclosed Friday that it had been breached, and that some Google employees’ personal information was compromised.
The board of Finnish psychotherapeutic practice Vastaamo has dismissed the clinic’s CEO after concluding he’d been aware of a significant data breach for more than a year without disclosing it, Yle Uutiset reports. An update in the BBC says the breach included records of therapeutic sessions; Victim Support Finland has advice for those affected.
The Dhaka Tribune reports that Bangladeshi hacktivists identifying themselves as "Cyber 71" have taken up the cause of an extremist who murdered a French schoolteacher on October 17th. Cyber 71 defaced various French commercial websites in retaliation for perceived insult to the Prophet: an Islamist militant beheaded Samuel Paty in Conflans-Sainte-Honorine as punishment for displaying caricatures of the Prophet Muhammed. (Those cartoons' publication by Charlie Hebdo prompted a 2015 massacre at the magazine's offices.)