#data-theft
#data-theft

Qilin ransomware gang claims cyber attack on the Big Issue | Computer Weekly

A ransomware gang called Qilin claimed responsibility for breaching the Big Issue Group's IT systems and stealing 550GB of confidential data.

The stolen data includes personnel info, contracts, financial statements, and personal addresses like passport scans and payroll information. [ more ]

ComputerWeekly.com

British Library opens up over ransomware attack to help others | Computer Weekly

Ransomware attack on British Library

Importance of transparency in cybersecurity incidents [ more ]

Iapp

Artificial intelligence

Researchers create generative AI worm for cyberattacks

AI worm created for cyberattacks

Implement cybersecurity safeguards for technology startups [ more ]

TechCrunch

Researchers warn high-risk ConnectWise flaw under attack is 'embarrassingly easy' to exploit | TechCrunch

High-risk vulnerability in ConnectWise ScreenConnect is easy to exploit

Malicious hackers actively exploiting the flaw [ more ]

Ars Technica

Ongoing campaign compromises senior execs' Azure accounts, locks them using MFA

Unknown attackers are targeting Microsoft Azure accounts in an ongoing campaign to steal sensitive data and financial assets.

The attackers use phishing techniques and account takeovers to compromise the targeted accounts and enroll them in multifactor authentication to secure them. [ more ]

morecybersecurity

cyberattack

BleepingComputer

Pharmaceutical giant Cencora says data was stolen in a cyberattack

Cencora, previously AmerisourceBergen, faced a cyberattack involving data theft.

The company contained the incident, is cooperating with authorities, but impact on finances is undetermined. [ more ]

Theregister

Caravan club admits members' personal data possibly accessed

The Caravan and Motorhome Club (CAMC) still cannot confirm whether members' data was stolen in a January cyberattack.

The club has listed the types of data that might have been accessed, but remains uncertain about any theft. [ more ]

Forbes

4 Remote Workplaces Most Vulnerable To Cyberattacks And 9 Common Mistakes

Remote workers face increased cyber threats as cyberattacks on individuals and companies continue to rise.

Co-working spaces, libraries, coffee shops, cafes, and working in a different country or city from your company are the most vulnerable locations for data theft. [ more ]

morecyberattack

data theft

Entrepreneur

10 Ways to Protect Yourself From Hackers While Traveling | Entrepreneur

When hackers could penetrate your device and gain access to sensitive apps, your privacy and money are at a big risk.

In recent years, hackers have shown special interest in airports and stealing passengers' data. [ more ]

ComputerWeekly.com

Rhysida ransomware gang hits hospital holding royal family's data | Computer Weekly

The Rhysida ransomware group has targeted the private King Edward VII Hospital in London and claims to have stolen data on the royal family.

The gang is offering the stolen data for sale, with a price set at 10 bitcoin if no buyer takes up the offer within seven days, they will make the data publicly available. [ more ]

Databreaches

Some city data was stolen during cyber breach; full scope remains unknown, Long Beach says

Long Beach officials confirmed a cybersecurity breach and data theft.

The city does not currently know what data was taken or the extent of the breach. [ more ]

TechCrunch

British Library confirms data stolen during ransomware attack | TechCrunch

The British Library has confirmed that a ransomware attack led to the theft of internal data.

The attack caused a major technology outage across the library's sites and disrupted online and on-site services.

The ransomware gang responsible for the attack has demanded over $740,000 worth of bitcoin. [ more ]

Engadget

An email vulnerability let hackers steal data from governments around the world

Google's Threat Analysis Group discovered and helped patch an email server flaw used to steal data from government organizations in several countries.

The exploit targeted the email server Zimbra Collaboration and stole email data, user credentials, and authentication tokens.

Updating software with the latest fixes is crucial to protect against these types of exploits. [ more ]

moredata theft

Theregister

2 days ago

Data science

Europol confirms incident after data breach claims

Europol is investigating a cybercriminal's claims of stealing data; Europol Platform for Experts affected but no core systems compromised. [ more ]

TechCrunch

3 weeks ago

Hackers are threatening to publish a huge stolen sanctions and financial crimes watchlist | TechCrunch

The stolen World-Check database contains 5.3 million records [ more ]

Theregister

3 weeks ago

185K people's data stolen in Cherry Health ransomware raid

Ransomware attack on US healthcare organization compromised sensitive data of nearly 185,000 individuals. [ more ]

ComputerWeekly.com

Ransomware gang leaks data stolen from Scottish NHS board | Computer Weekly

Inc Ransom claimed to have stolen three terabytes of data from NHS Scotland, including sensitive medical reports and patient letters.

NHS Dumfries and Galloway acknowledged a cyber attack, with a small data dump disclosed and ongoing efforts to limit any data sharing. [ more ]

Theregister

Change Healthcare's data protection under US investigation

Change Healthcare under investigation for alleged data theft by ALPHV ransomware group

US HHS launching formal inquiry into Change Healthcare's data protection practices [ more ]

Nextgov.com

FCC staff targeted in phishing attack that cloned agency login site

The FCC was targeted in a phishing operation using a fake login page.

The phishing kit named CryptoChameleon targeted cryptocurrency exchange platforms and successfully collected sensitive information. [ more ]

TechRepublic

Google's Threat Analysis Group's Spyware Research: How CSVs Target Devices and Applications

Commercial surveillance vendors sell surveillance services to governments for monitoring or spying purposes.

CSVs openly operate with websites, marketing content, and sales teams, and may change names to avoid scrutiny. [ more ]

Developer Tech News

Python

PyPI suspends registrations amid malware attack

PyPI has suspended new project creation due to a malware upload campaign.

Attackers are using typosquatting to distribute malicious Python packages for data theft. [ more ]

ESPN.com

National Basketball Association

Fired Wolves employee given supervised release

An ex-employee of the Minnesota Timberwolves was arrested for stealing sensitive internal information.

The stolen data included strategic NBA information and the executive's personal details. [ more ]

ESPN.com

National Basketball Association

Wolves employee fired, arrested for alleged theft

An employee of the Minnesota Timberwolves was fired, arrested, and charged with felony third-degree burglary for stealing strategic NBA information.

The Timberwolves executive, Sachin Gupta, had his personal and team-related information stolen from a hard drive left in his office. [ more ]

Databreaches

Privacy technologies

Vastaamo victims' lawyer: Some took their own lives after patient record leak

Patient records from Vastaamo used in extortion led to suicides.

Trial of Aleksanteri Kivimäki nearing conclusion in data theft case. [ more ]

Databreaches

Privacy technologies

After cyber attack, New York hospitals find stolen patient info stored in Massachusetts, look for its return

Claxton-Hepburn Medical Center and Carthage Area Hospital have filed legal paperwork to get their stolen data back

The stolen data was found to be stored on a server owned by Wasabi Technologies in Boston, Massachusetts [ more ]

Databreaches

Privacy technologies

Recent attacks on Fred Hutch and Integris: Is attempting to extort patients directly becoming the "new normal?"

DataBreaches previously reported a breach involving Integris Health in Oklahoma.

WIRED

Artificial intelligence

Here Come the AI Worms

AI worms can now spread between generative AI agents, potentially causing data theft and malware deployment.

As generative AI systems become more autonomous, the risk of new cyberattacks increases. [ more ]

Ars Technica

Artificial intelligence

New attack steals AI secrets from GPUs made by Apple, AMD, and Qualcomm

Demand for GPU chips is increasing as companies rely on them for running large language models and processing data at scale.

Researchers have uncovered a vulnerability in multiple brands of GPUs, including Apple, Qualcomm, and AMD chips, that could allow attackers to steal data from a GPU's memory. [ more ]

Theregister

Information security

GitHub struggles to keep up with automated malicious forks

Malware campaign started in PyPI spread to GitHub infecting 100,000 repositories.

Attackers upload altered files to GitHub, cloning legitimate repos to spread malware loaders. [ more ]

www.housingwire.com

Information security

First American makes progress on restoring systems from pre-Christmas cyberattack

First American Financial is making progress in restoring its systems after a data theft incident.

This is the second major cyber security incident to hit the title industry in less than a month. [ more ]

Acm

Information security

Multiple Data Leaks at 23andme

Genetics testing firm 23andme and its users were targeted by cybercriminals who leaked or breached millions of user profiles and genetic data records.

The threat actors accessed user accounts through credential stuffing and scraped data from the DNA Relatives feature. [ more ]

Theregister

Phishers pwn hundreds of users, dozens of Azure environments

Phishing campaign targets senior business executives, including C-suite roles and VPs.

Attackers aim to gain access to privileged accounts and steal sensitive data. [ more ]

Databreaches

Warzone RAT Sales and Support Actors in Malta and Nigeria Charged in U.S. Federal Indictments

Federal authorities seized internet domains used to sell RAT malware

Individuals in Malta and Nigeria were indicted for selling malware and supporting cybercriminals [ more ]

Theregister

Data-theft malware exploits Windows Defender SmartScreen

Criminals are exploiting a Windows Defender SmartScreen bypass vulnerability to distribute Phemedrone Stealer malware that steals sensitive information from infected PCs.

The malware targets a wide range of browsers, applications, cryptocurrency wallets, and messaging apps to gather sensitive information and login credentials. [ more ]

Databreaches

Public health

Capital Health acknowledges a cyberattack last month but details are lacking

LockBit3.0 claims to have stolen over 10 million files and 7 terabytes of medical confidentiality data from CapitalHealth.org in New Jersey.

There is no proof to support LockBit3.0's claims and Capital Health has not mentioned any extortion attempt or known group claiming responsibility. [ more ]

Databreaches