GruesomeLarch, an advanced persistent threat group, compromised several account passwords on a web service platform using credential-stuffing attacks. However, two-factor authentication prevented actual account breaches. The hackers then hacked physically nearby devices and accessed the target’s Wi-Fi network using the same credentials. The Wi-Fi network didn’t require two-factor authentication, reflecting the faulty assumption that its close proximity would protect it.
DataBreaches.Net Reports PowerSchool Sued Over Student and Teacher Data Breach
Let me fill you in on some rather disconcerting news: PowerSchool Holdings Inc. finds itself in hot water after being hit with three federal lawsuits.
