HACKERS BRIEF from CyberWyoming Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors. FIRST REPORT OF WYOMING SCAM ATTRIBUTED TO POWERSCHOOL BREACH A PowerSchool breach involving records dating back to 1985 made headlines a few weeks ago. This week, a Gillette citizen received a call claiming her husband urgently needed to sign some documents. Around the same time, her husband received a call stating he was wanted by the police department, and her son and daughter both received calls saying their dad was under indictment. Because the en- tire family was contacted in quick succession, the citizen considered where her family's contact information might be stored and suspects this could be linked to the PowerSchool breach. CyberWyoming Note: Create a strong family passphrase. If you receive a call like this, even if the caller sounds like a family member, ask for the family password. If they don't know it, you'll know it's a scam. With voice cloning tech- nology now available through Al apps, scammers can spoof a family member's phone number, mimic their voice, and manipulate you with a believable story to cause panic. For more about the PowerSchool breach: https://arstechnica.com/security/2025/01/students-parents- and-teachers-still-smarting-from-breach-exposing-their-info/. SHARING SENSITIVE INFORMATION WARNING If you decide to create a family password, avoid sharing it via text. When texting between Android and Apple devices, encryption can break, allowing hackers to intercept messages. Email is also not a secure way to share sensitive information. The safest way to discuss your family password or other sensitive information is in person or over a secure phone call. MANAGER IMPERSONATION A Cheyenne citizen reported receiving a seam email that imperson- ated their manager. The email had a blank subject line and contained a poorly written message: "Do you have a moment? I am going into a meeting now, so no calls just reply back to my mail." Although the sender's name appeared to be their manager's (in all caps), the Gmail address was incorrect. The email was flagged as suspicious due to its grammar and the discrepancy in the sender's address. CyberWyoming Note: Be cautious of emails that seem out of character, especially those requesting replies and discouraging phone calls, as this is a common tactic used in social engineering scams. Always verify any such request through an independent communication channel before responding UPDATE: POWERSCHOOL DATA BREACH EXPOSES PERSONAL INFO A recent cyberattack on PowerSchool, a major U.S. education tech- nology provider, has exposed sensitive data from multiple school districts. Hackers gained access to historical data on students and teachers, including personal details such as names, addresses, Social Security numbers, and medical information. The breach, which occurred in December, affected both current and former records of individuals across K-12 schools using PowerSchool's system. Some districts reported that attackers accessed all historical data, with many also highlighting the lack of basic security measures like multi-factor authentication. PowerSchool has acknowledged the breach but has not disclosed the full scope or the exact number of affected schools. - Brought to you by Secure The Village & TechCrunch https://techcrunch.com/2025/01/15/powerschool-data-breach-vic- tims-say-hackers-stole-all-historical-student-and-teacher-data/ CYBER COLD WAR HEATS UP The U.S. is engaged in a "cybersecurity arms race" following a hack by Chinese cybercriminals that breached the Treasury Department's computers, stealing sensitive documents. The attack, attributed to state-linked Chinese threat actors, targeted a third-party vendor re- sponsible for the Treasury's IT security and involved the theft of a key used to provide remote technical support via Beyond Trust. The Cy- bersecurity and Infrastructure Security Agency (CISA) has confirmed that the December attack has not impacted other federal agencies, and all affected instances have been patched. BeyondTrust has completed a forensic investigation of a spree of attacks targeting their Remote Support SaaS customers, confirming no further attacks have been reported. However, questions remain about the long-term impact and specifics of how the attacks occurred. Cybersecurity expert Leeza Garber describes the situation as an ongoing "warfront," signaling the shift from a cold war to active conflict in cybersecurity. - Brought to you by Cybersecurity Dive & Fox 11 News https://www.cybersecuritydive.com/news/cisa-hack-treasury-feder- al-agencies/736654/ https://foxllonline.com/news/nation-world/us-cybersecurity-in-arms- race-after-treasury-dept-hack HACKERS ALLEGEDLY CLAIMING BREACH OF HEWLETT PACKARD ENTERPRISE Hackers called IntelBroker have claimed they broke into Hewlett Packard Enterprise (HPE) and stole sensitive information. This includes private GitHub files, software used to manage applications, customer data, and source code for important HPE products. They also got access to security keys and personal information, which could lead to identity theft or fraud. Intel Broker is known for hacking big companies like Facebook and Apple and releasing private government documents. This breach could harm HPE's business and trust with customers. - Brought to you by Cyber Security News https://cybersecuritynews.com/hackers-alleged-hewlett-pack- ard-breach/ Please report scams you may experience to phishing@cyberwyo- ming.org to alert your friends and neighbors. Better Business Bureau Scam Tracker: www.bbb.org/scamtrack- er/us/reportscam Wyoming Attorney General's Office, Consumer Protection o Email ag.consumer@wyo.gov o Complaint form https://attorneygeneral.wyo.gov/law-of- fice-division/consumer-protection-and-antitrust-unit/consum- er-complaints VICTIM SUPPORT: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraud- support to learn more about the free program and register. Hackers Brief from Cyber Wyoming brought to you by FIRST FEDERAL BANK & TRUST 307.674.0464 | www.efirstfederal.bank HACKERS BRIEF from CyberWyoming Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors . FIRST REPORT OF WYOMING SCAM ATTRIBUTED TO POWERSCHOOL BREACH A PowerSchool breach involving records dating back to 1985 made headlines a few weeks ago . This week , a Gillette citizen received a call claiming her husband urgently needed to sign some documents . Around the same time , her husband received a call stating he was wanted by the police department , and her son and daughter both received calls saying their dad was under indictment . Because the en- tire family was contacted in quick succession , the citizen considered where her family's contact information might be stored and suspects this could be linked to the PowerSchool breach . CyberWyoming Note : Create a strong family passphrase . If you receive a call like this , even if the caller sounds like a family member , ask for the family password . If they don't know it , you'll know it's a scam . With voice cloning tech- nology now available through Al apps , scammers can spoof a family member's phone number , mimic their voice , and manipulate you with a believable story to cause panic . For more about the PowerSchool breach : https://arstechnica.com/security/2025/01/students-parents- and - teachers - still - smarting - from - breach - exposing - their - info / . SHARING SENSITIVE INFORMATION WARNING If you decide to create a family password , avoid sharing it via text . When texting between Android and Apple devices , encryption can break , allowing hackers to intercept messages . Email is also not a secure way to share sensitive information . The safest way to discuss your family password or other sensitive information is in person or over a secure phone call . MANAGER IMPERSONATION A Cheyenne citizen reported receiving a seam email that imperson- ated their manager . The email had a blank subject line and contained a poorly written message : " Do you have a moment ? I am going into a meeting now , so no calls just reply back to my mail . " Although the sender's name appeared to be their manager's ( in all caps ) , the Gmail address was incorrect . The email was flagged as suspicious due to its grammar and the discrepancy in the sender's address . CyberWyoming Note : Be cautious of emails that seem out of character , especially those requesting replies and discouraging phone calls , as this is a common tactic used in social engineering scams . Always verify any such request through an independent communication channel before responding UPDATE : POWERSCHOOL DATA BREACH EXPOSES PERSONAL INFO A recent cyberattack on PowerSchool , a major U.S. education tech- nology provider , has exposed sensitive data from multiple school districts . Hackers gained access to historical data on students and teachers , including personal details such as names , addresses , Social Security numbers , and medical information . The breach , which occurred in December , affected both current and former records of individuals across K - 12 schools using PowerSchool's system . Some districts reported that attackers accessed all historical data , with many also highlighting the lack of basic security measures like multi - factor authentication . PowerSchool has acknowledged the breach but has not disclosed the full scope or the exact number of affected schools . - Brought to you by Secure The Village & TechCrunch https://techcrunch.com/2025/01/15/powerschool-data-breach-vic- tims - say - hackers - stole - all - historical - student - and - teacher - data / CYBER COLD WAR HEATS UP The U.S. is engaged in a " cybersecurity arms race " following a hack by Chinese cybercriminals that breached the Treasury Department's computers , stealing sensitive documents . The attack , attributed to state - linked Chinese threat actors , targeted a third - party vendor re- sponsible for the Treasury's IT security and involved the theft of a key used to provide remote technical support via Beyond Trust . The Cy- bersecurity and Infrastructure Security Agency ( CISA ) has confirmed that the December attack has not impacted other federal agencies , and all affected instances have been patched . BeyondTrust has completed a forensic investigation of a spree of attacks targeting their Remote Support SaaS customers , confirming no further attacks have been reported . However , questions remain about the long - term impact and specifics of how the attacks occurred . Cybersecurity expert Leeza Garber describes the situation as an ongoing " warfront , " signaling the shift from a cold war to active conflict in cybersecurity . - Brought to you by Cybersecurity Dive & Fox 11 News https://www.cybersecuritydive.com/news/cisa-hack-treasury-feder- al - agencies / 736654 / https://foxllonline.com/news/nation-world/us-cybersecurity-in-arms- race - after - treasury - dept - hack HACKERS ALLEGEDLY CLAIMING BREACH OF HEWLETT PACKARD ENTERPRISE Hackers called IntelBroker have claimed they broke into Hewlett Packard Enterprise ( HPE ) and stole sensitive information . This includes private GitHub files , software used to manage applications , customer data , and source code for important HPE products . They also got access to security keys and personal information , which could lead to identity theft or fraud . Intel Broker is known for hacking big companies like Facebook and Apple and releasing private government documents . This breach could harm HPE's business and trust with customers . - Brought to you by Cyber Security News https://cybersecuritynews.com/hackers-alleged-hewlett-pack- ard - breach / Please report scams you may experience to phishing @ cyberwyo- ming.org to alert your friends and neighbors . Better Business Bureau Scam Tracker : www.bbb.org/scamtrack- er / us / reportscam Wyoming Attorney General's Office , Consumer Protection o Email ag.consumer@wyo.gov o Complaint form https://attorneygeneral.wyo.gov/law-of- fice - division / consumer - protection - and - antitrust - unit / consum- er - complaints VICTIM SUPPORT : The AARP Fraud Watch Network and Volunteers of America ( VOA ) created a new , free program to provide emotional support for people impacted by a scam or fraud , called ReST . Visit www.aarp.org/fraud- support to learn more about the free program and register . Hackers Brief from Cyber Wyoming brought to you by FIRST FEDERAL BANK & TRUST 307.674.0464 | www.efirstfederal.bank