ransomware

cyberattack
TechCrunch
2 hours ago
Privacy professionals

LoanDepot says about 17 million customers had personal data and Social Security numbers stolen during cyberattack | TechCrunch

LoanDepot confirmed data breach impacting 17 million customers' sensitive information.
Other loan and mortgage companies also targeted by cyberattacks in recent months.
Theregister
1 week ago
Privacy professionals

Southern Water cyberattack will affect swathe of customers

Between 5 and 10 percent of Southern Water's customers had their data stolen in a cyberattack.
Southern Water has still not confirmed if ransomware was involved in the attack.
TechCrunch
1 month ago
Privacy professionals

Fidelity National Financial says hackers stole data on 1.3 million customers | TechCrunch

Real estate services giant Fidelity National Financial confirmed a cyberattack in November that resulted in the theft of customer data.
FNF has notified affected customers and is providing credit monitoring and identity theft services, implying that the stolen data was personal or sensitive in nature.
TechCrunch
1 month ago
Privacy professionals

Fidelity National Financial says hackers stole data on 1.3 million customers | TechCrunch

Real estate services giant Fidelity National Financial confirms data breach affecting 1.3 million customers.
The cyberattack resulted in a week-long outage and customers were unable to pay their mortgages.
Databreaches
1 month ago
Privacy technologies

US retail mortgage lender LoanDepot struggles with cyberattack

LoanDepot, a U.S. retail mortgage lender, is grappling with a cyberattack that impacted its loan processing and phone service.
The company has not confirmed whether it was a ransomware attack, but it appears to be based on the information provided.
www.housingwire.com
2 months ago
Privacy professionals

AlphV/BlackCat gang allegedly behind Fidelity ransomware attack

The ransomware gang AlphV/BlackCat has claimed responsibility for a cyberattack on Fidelity National Financial.
Fidelity National Financial notified the public of the cybersecurity breach and the resulting disruptions in a filing with the Securities and Exchange Commission.
Mr. Cooper, another housing industry firm, was also recently targeted in a cyberattack.
morecyberattack
Databreaches
2 days ago
Law

True or false, Friday law enforcement edition

Law enforcement is making progress in disrupting ransomware groups.
Seizing onion sites and servers without arresting leaders may allow groups to reemerge.
Databreaches
3 days ago
Privacy professionals

If you pay ransom, you may not get your data back and worse, you probably WILL get hit again - Cybereason Survey

Paying ransom encourages more attacks
Organizations that pay ransom are likely to be targeted again
lockbit
TechCrunch
3 days ago
Privacy professionals

Hackers are exploiting ConnectWise flaws to deploy LockBit ransomware, security experts warn | TechCrunch

The high-risk flaws in ConnectWise ScreenConnect are being exploited by hackers to deploy LockBit ransomware.
Two vulnerabilities, an authentication bypass bug and a path traversal bug, are actively exploited to plant malicious code remotely.
www.france24.com
6 days ago
Privacy professionals

International investigation disrupts infamous ransomware gang LockBit

Law enforcement agencies disrupt LockBit ransomware syndicate
LockBit linked to thousands of cyberattacks globally
International collaboration key in dismantling LockBit
Databreaches
1 month ago
Privacy technologies

$2.4 trillion securities platform owner hacked. EquiLend admits "unauthorised access"

Financial technology company EquiLend experienced unauthorized access to its systems on January 22, disrupting some of its services.
EquiLend is working to restore the affected services and has enlisted the help of external cybersecurity firms and advisers.
morelockbit
BleepingComputer
6 days ago
Privacy professionals

Cactus ransomware claim to steal 1.5TB of Schneider Electric data

Cactus ransomware gang claims 1.5TB data stolen from Schneider Electric.
Ransomware group threatens to leak stolen data if ransom not paid.
Databreaches
4 days ago
Privacy technologies

Unpicking LockBit - 22 Cases of Affiliate Tradecraft

GOLD MYSTIC threat group operates LockBit RaaS since mid-2019
Disruptive action taken against LockBit RaaS operation by international law enforcement
cybercrime
www.fastcompany.com
6 days ago
Privacy professionals

The LockBit cybercrime takedown shows FBI is getting more media savvy

LockBit responsible for 25% of internet ransomware
Law enforcement successfully took down LockBit gang
Ars Technica
6 days ago
Privacy professionals

LockBit ransomware group taken down in multinational operation

Law enforcement agencies disrupt cybercrime gang LockBit, arresting key members and seizing core technology.
LockBit responsible for billions in damages through ransomware attacks targeted at high-profile institutions worldwide.
www.independent.co.uk
6 days ago
Privacy professionals

Hacker website taken over by UK-led law enforcement operation

Law enforcement takes over LockBit's website distributing ransomware.
International cooperation for cybercrime investigations.
www.npr.org
6 days ago
Law

Global law enforcement effort cracks down on LockBit ransomware group

Law enforcement from 11 countries disrupts major cybercrime group Lockbit
Lockbit made over $120 million through ransomware attacks
Databreaches
6 days ago
Privacy technologies

Updating: In "Cronos," law enforcement took down 34 Lockbit servers

Law enforcement seized control of LockBit's infrastructure and arrested key actors.
Authorities disrupted LockBit's criminal enterprise by seizing servers, freezing cryptocurrency accounts, and issuing arrest warrants.
Databreaches
6 days ago
Privacy technologies

Developing: LockBit disrupted by law enforcement

LockBit3.0 dark web blog seized by law enforcement.
LockBit services disrupted due to international law enforcement action.
morecybercrime
TechCrunch
6 days ago
Privacy professionals

US sanctions LockBit members after ransomware takedown | TechCrunch

The U.S. government sanctioned two members of the LockBit hacking gang.
Sanctions against individuals make it harder for hackers to profit from ransomware.
TechCrunch
1 week ago
Privacy professionals

Why are ransomware gangs making so much money? | TechCrunch

Ransomware gangs had a lucrative year in 2023
Known ransomware payments almost doubled in 2023
Harvard Business Review
1 week ago
Privacy professionals

Why Data Breaches Spiked in 2023

Data breaches continue to increase yearly, with a 20% rise from 2022 to 2023.
Primary reasons for increased data theft: cloud misconfiguration, new ransomware attacks, vendor system exploitation.
Theregister
1 week ago
Privacy professionals

ALPHV claims cyberattacks on Prudential Financial, LoanDepot

Ransomware group ALPHV/BlackCat claimed attacks on Prudential Financial and LoanDepot.
Victims advised not to pay ransom to cybercriminals and risk data disclosure.
TechCrunch
1 week ago
Privacy professionals

Why are ransomware gangs making so much money? | TechCrunch

Ransomware gangs had a lucrative year in 2023 with record-breaking earnings.
2023 saw an escalation in ransomware tactics, but a drop in payments due to improved cyber defenses.
Databreaches
1 week ago
Privacy professionals

Reward for Information: ALPHV/Blackcat Ransomware as a Service

The U.S. Department of State is offering a reward of up to $10 million for information on the leadership of the ALPHV/Blackcat ransomware group.
The FBI has helped victims restore their systems and prevent $99 million in ransom payments.
ComputerWeekly.com
1 week ago
Privacy professionals

Southern Water customer data was taken in ransomware attack | Computer Weekly

Southern Water confirms customer data stolen in ransomware attack
Data stolen includes customer names, birthdates, bank account details
Theregister
1 week ago
Privacy professionals

Romania ransomware crisis pinned to third-party incident

The outbreak of ransomware cases in Romanian hospitals is linked to an incident at a service provider that operates a healthcare management platform used by hospitals across the country.
Over 100 hospitals in Romania have been affected, with some disconnected from the internet and others having their files encrypted. The scale of the ransomware emergency is comparable to the WannaCry attack on NHS trusts in 2017.
Theregister
1 week ago
Privacy professionals

Free Rhysida ransomware recovery tool published

Researchers have discovered a vulnerability in the random number generator used by the Rhysida ransomware, allowing them to decrypt victims' data.
A free recovery tool has been released by the Korea Internet and Security Agency (KISA) to help victims of the Rhysida ransomware.
Theregister
1 week ago
Privacy professionals

Jet engine dealer to major airlines discloses cyber snafu

Willis Lease Finance Corporation suffered a cybersecurity incident that led to data being posted on a ransomware group's leak blog.
The company took swift action to contain and remediate the incident, and believes it has fully contained the unauthorized activity.
WIRED
2 weeks ago
Privacy professionals

How 3 Million 'Hacked' Toothbrushes Became a Cyber Urban Legend

AI surveillance software tracked people on the London Underground to detect crime
Ransomware payments reached a record-breaking $1.1 billion in 2023
ReadWrite
2 weeks ago
Privacy professionals

U.S. insights company shows ransomware hackers drew in $1bn across 2023

Ransomware hackers extorted $1bn across 2023, a significant increase from the previous year.
The biggest ransomware attack of 2023 was carried out by the CL0P Ransomware Gang, exploiting a 'Zero-Day' vulnerability.
Databreaches
2 weeks ago
Privacy technologies

Reward Offers for Information to Bring Hive Ransomware Variant Co-Conspirators To Justice

The Department of State is offering a reward of up to $10,000,000 for information on the Hive ransomware group's key leaders.
The reward also includes up to $5,000,000 for information on anyone involved in Hive ransomware activity.
Iapp
2 weeks ago
EU data protection

Ransomware hackers were paid more than $1.1B in 2023

Ransomware groups received over $1.1 billion in payments in 2023 for selling back stolen data.
Hackers targeted high-profile institutions and critical infrastructure using zero-day vulnerabilities.
www.itpro.com
2 weeks ago
Privacy professionals

Three channel partner considerations for tackling ransomware

Ransomware operators are targeting the public cloud and infecting containers
Companies are reconsidering their use of the public cloud and considering hybrid approaches
ComputerWeekly.com
2 weeks ago
Privacy professionals

South Staffs Water faces group action over Clop ransomware attack | Computer Weekly

Close to 1,000 people have joined a class action claim against South Staffordshire Plc for a data breach caused by the Clop/Cl0p ransomware gang.
Barings Law, based in Manchester, is leading the legal action on behalf of the claimants who suffered leaks of personal information on the dark web.
www.theguardian.com
2 weeks ago
Privacy professionals

Ransomware gangs staged comeback' last year, says crypto research firm

Ransomware gangs made a major comeback in 2023, with victims paying out a record $1.1bn to hackers.
Payments to criminal gangs doubled compared to 2022, with an increase in big game hunting attacks targeting wealthier entities.
The decline in ransomware payments in 2022 was attributed to factors such as the Russia-Ukraine conflict and disruptions caused by law enforcement.
Engadget
2 weeks ago
Privacy professionals

How security experts unravel ransomware

Ransomware gangs made $449 million in the first half of 2023 through exploiting victims' files.
Security professionals and law enforcement are teaming up to provide free decryption tools to help victims avoid paying ransoms.
cyber-attack
www.theguardian.com
2 weeks ago
Privacy professionals

A shadowy hacker group brought the British Library to its knees. Is there any way to stop them? | Lamorna Ash

The cyber-attack on the British Library was likely carried out by the Russian hacker gang Rhysida, who had been infiltrating the library's systems for months before the attack.
The hackers demanded a ransom of 20 bitcoins (about 600,000) for privileged access to stolen personal information, but when the library refused to pay, the hackers published close to 500,000 files of stolen data.
ComputerWeekly.com
1 month ago
Privacy professionals

Akira ransomware gang claims Lush cyber attack | Computer Weekly

The Akira ransomware gang has claimed responsibility for a cyber attack on cosmetics retailer Lush.
Lush's website and stores have remained accessible, suggesting limited impact or effective mitigation measures.
Hackread - Latest Cybersecurity News, Press Releases & Technology Today
1 month ago
Privacy professionals

British Cosmetics Retailer Lush Investigating Cyber Attack

Lush is investigating a cyber attack
The nature of the attack is still unclear
Databreaches
2 months ago
Privacy professionals

Did Akumin experience two cyber attacks in October and November? It has only acknowledged one.

Akumin experienced two cyber attacks in a short period of time
The second attack by the ransomware group BianLian resulted in the theft of 5TB of sensitive documents
morecyber-attack
Databreaches
3 weeks ago
Privacy technologies

Canada's most prolific hacker is expected to make full restitution

Canada's most prolific hacker, Matthew Philbert, will make full restitution for the financial ruin caused by his cyber attacks.
Philbert will pay back around $49,200 in total, using seized bitcoin and funds held in trust by his lawyer.
The Verge
3 weeks ago
Privacy professionals

The ransomware business is booming, even as enforcers shut down some major players

Ransomware attacks increased in 2023, with a 49% increase in victims reported by ransomware leak sites.
Zero-day vulnerabilities and attacks on software systems contributed to the increase in ransomware attacks.
CyberScoop
3 weeks ago
Privacy professionals

Pentagon investigating theft of sensitive files by ransomware group

The Department of Defense is investigating claims by a ransomware group that they have stolen sensitive data related to the U.S. military.
The ransomware group allegedly obtained data related to the Defense Counterintelligence and Security Agency.
Theregister
3 weeks ago
Privacy professionals

LockBit remorseless in latest children's hospital attack

Ransomware gang LockBit targeted a nonprofit children's hospital in Chicago, deviating from its previous policy.
The criminals are demanding an $800,000 ransom from Saint Anthony Hospital, although it is unlikely the hospital can or will pay.
Mail Online
3 weeks ago
Privacy professionals

Russia gang claims it stole top-secret U.S. intelligence documents

The Russian ransomware group ALPHV allegedly stole top-secret documents from a technology company responsible for handling US intelligence documents
FBI director Christopher Wray warns of the threat of Chinese hackers in the US
Hot for Security
3 weeks ago
Privacy professionals

Canada's 'most prolific hacker' jailed for two years

A 33-year-old man has been sentenced to two years in prison for ransomware and malware attacks.
The hacker targeted over a thousand individuals, businesses, and organizations, including three police departments.
Axios
3 weeks ago
Privacy professionals

New data shows fewer ransomware victims are paying hackers

The percentage of organizations paying ransomware has dropped significantly, from 85% in Q1 2019 to 29% in Q4 2024.
The average ransom payment in Q4 2023 was $568,000, a 33% drop from the previous quarter.
TechRepublic
1 month ago
Artificial intelligence

UK Study: Generative AI May Increase Ransomware Threat

Generative AI may increase risks from cyber threats such as ransomware.
Generative AI will provide a 'capability uplift' to existing threats rather than creating brand new threats.
Databreaches
1 month ago
Privacy technologies

Interview with the Knight Group, the heir of Cyclops

Ransomware groups frequently disappear without explanation
Cyclops rebranded as Knight version 2.0 and imposed new rules
Ars Technica
1 month ago
Artificial intelligence

AI will increase the number and impact of cyber attacks, intel officers say

Ransomware is predicted to be the biggest threat to benefit from AI in the next two years
AI will enhance existing threats, not transform the risk landscape
Databreaches
1 month ago
Privacy technologies

University of Twente Maps Decision-Making Process for Ransomware Victims

Organizations with recoverable backups were less likely to pay ransoms during ransomware attacks.
Data exfiltration and insurance led to higher ransom amounts paid by victims.
Iapp
1 month ago
EU data protection

Ransomware groups face challenges after law enforcement's cybersecurity crackdowns

Law enforcement crackdown is making it harder for ransomware groups to carry out data breaches
Law enforcement efforts have decreased the number of infected computers and vulnerabilities
www.theguardian.com
1 month ago
Privacy professionals

AI will make scam emails look genuine, UK cybersecurity agency warns

AI tools can make it difficult to identify phishing emails and other cyber attacks
Generative AI and large language models will complicate efforts to detect different types of attacks
ComputerWeekly.com
1 month ago
Privacy professionals

AI will heighten global ransomware threat, says NCSC | Computer Weekly

The UK's National Cyber Security Centre (NCSC) has warned that AI will be used to increase the volume and impact of cyber attacks involving ransomware.
AI is already being used in malicious activity, reducing the barrier of entry for cyber criminals.
The NCSC is urging organizations and individuals to follow their advice to strengthen their defenses against cyber attacks.
www.theguardian.com
1 month ago
Privacy professionals

AI will make scam emails look genuine, UK cybersecurity agency warns

Artificial intelligence will make it difficult to spot phishing emails as AI tools become more sophisticated.
Generative AI and large language models will complicate efforts to identify different types of cyber attacks.
TNW | Data-Security
1 month ago
Privacy professionals

States could already produce AI malware that evades detection

AI-generated malware that can evade detection may already be in the hands of nation-states
AI will heighten the global ransomware threat and lower the entry barrier for cybercriminals
TechCrunch
1 month ago
Privacy professionals

US sanctions Russian citizen accused of playing key role in Medibank ransomware attack | TechCrunch

Russian national sanctioned for ransomware attack on Medibank
Sensitive data of almost 10 million patients exposed
Theregister
1 month ago
Privacy professionals

Ransomware crims slime AerCap, claim to have stolen 1TB

AerCap, the world's largest aircraft leasing company, has reported a ransomware infection
LoanDepot also disclosed a ransomware attack where personal information of approximately 16.6 million individuals was stolen.
Hot for Security
1 month ago
Privacy professionals

35.5 million customers of major apparel brands have their data breached after ransomware attack

ALPHV ransomware group stole personal data from VF Corp, the parent company of popular brands like Timberland and North Face.
VF Corp has not disclosed the specific data that was stolen, but it does not include payment card details, bank account information, or social security numbers.
Databreaches
1 month ago
Public health

Primary Health & Wellness Center, LLC's public notice of ransomware incident

Primary Health & Wellness Center, LLC in Maryland reported a ransomware incident affecting 4,792 patients.
The threat actor involved in the incident was believed to be Phobos, but there is no evidence of patient data exfiltration or misuse.
ComputerWeekly.com
1 month ago
EU data protection

Neighbouring Kent councils hit by simultaneous cyber attacks | Computer Weekly

Three local authorities in Kent, UK have been hit by cyber attacks, causing disruptions to public-facing systems.
The affected councils are working with the National Cyber Security Centre to respond to the incidents and restore services.
The attacks bear similarities and may be linked, indicating a potential ransomware incident.
Theregister
1 month ago
Digital life

What's worse than paying extortion bot that pwned your DB?

Malicious extortion bot is autonomously wiping out publicly exposed PostgreSQL and MySQL databases with weak passwords.
The bot deletes all tables and databases using 'DROP TABLE' and 'DROP DATABASE' commands, and leaves a ransom note demanding payment to regain access to the data.
ComputerWeekly.com
1 month ago
Privacy professionals

The human toll of ransomware: how IT pros suffer during incidents | Computer Weekly

Ransomware attacks can have a significant human impact, causing mental and physical health problems for staff involved in the response.
IT staff and cyber security staff are particularly vulnerable to burnout in the aftermath of a ransomware attack.
Databreaches
1 month ago
Business intelligence

Cloud Vendor Returns North Star Health Alliance Data Stolen and Stored by LockBit

A cloud services firm has turned over stolen patient data to a hospital alliance after a ransomware attack.
Wasabi Technologies had voluntarily turned over copies of the data to the FBI before the lawsuit was filed.
ComputerWeekly.com
1 month ago
Privacy professionals

Cosmetics retailer Lush dealing with mystery cyber incident | Computer Weekly

Cosmetics retailer Lush has experienced a cyber security incident.
The exact nature of the incident is currently undisclosed.
Databreaches
1 month ago
Privacy technologies

Ransomware gang targets nonprofit providing clean water to world's poorest

Water for People, a nonprofit focused on improving access to clean water, has been targeted by ransomware criminals.
The ransomware gang, Medusa, is threatening to publish stolen information unless the nonprofit pays a $300,000 extortion fee.
Theregister
1 month ago
Information security

CISA: Critical SharePoint vuln is under active exploitation

Ransomware criminals have acquired a functional exploit for a critical Microsoft SharePoint vulnerability.
The vulnerability, known as CVE-2023-29357, allows for remote code execution (RCE) and has a severity score of 9.8.
Databreaches
1 month ago
Privacy technologies

UK CISO's are cowing to ransomware demands more than you think, here's why they shouldn't pay up

One-third of UK-based CISOs have admitted to paying ransomware groups millions of dollars to mitigate the impact of an attack.
40% of UK CISOs have experienced a ransomware attack in the last five years and in every case, organizations chose to pay the ransom.
Theregister
1 month ago
Privacy professionals

Ransomware victims targeted in follow-on extortion attacks

Ransomware victims are being targeted by criminals posing as security researchers, who offer to delete stolen data or grant access to servers for a fee.
Arctic Wolf Labs identified two cases of victims being extorted by a fake cyber samaritan, believed to be the same individual or group.
Databreaches
1 month ago
Privacy technologies

Follow-on extortion campaign: confirmation of some findings by Arctic Wolf

Threat actors are using ethical researcher personas to extort money from ransomware victims.
Arctic Wolf Labs and DataBreaches believe that the same threat actor is behind multiple cases of secondary extortion.
BleepingComputer
2 months ago
Privacy professionals

Toyota warns customers of data breach exposing personal, financial info

Toyota Financial Services has suffered a data breach, with sensitive personal and financial data exposed.
The breach has impacted customers in Europe and Africa, with stolen data including full names, addresses, and banking information.
Databreaches
2 months ago
Privacy technologies

Neurology Center of Nevada allegedly attacked by Qlin

The ransomware gang Qlin has targeted the Neurology Center of Nevada (NCN) and added it to their leak site, providing screenshots of personal and protected health information.
It is unclear if this is NCN's second ransomware attack, as they previously experienced unauthorized access in 2022.
POLITICO
2 months ago
UK news

UK vulnerable to 'catastrophic' ransomware attack, MPs warn

MPs warn that the UK's critical national infrastructure is vulnerable to ransomware and the government is ill-prepared to defend against it.
The UK parliament's joint committee on national security strategy calls for the Cabinet Office to take over responsibility for ransomware from the Home Office to better tackle the threat.
ComputerWeekly.com
2 months ago
Privacy professionals

Critical UK infrastructure a 'hostage of fortune' to ransomware | Computer Weekly

The UK is at high risk of a catastrophic ransomware attack on critical national infrastructure.
The lack of planning for such an attack puts the entire country at risk.
Createsend
2 months ago
World news

The Morning Risk Report: Cyberattacks Leave Schools, Hospitals and Utilities Struggling to Pay Ransoms

Cyberattacks on the public sector are increasing due to weak protections.
Schools and hospitals are particularly vulnerable to cybercrime.
Municipalities are investing in security measures after experiencing attacks.
TechRepublic
2 months ago
Privacy professionals

Cisco Talos Report: New Trends in Ransomware, Network Infrastructure Attacks, Commodity Loader Malware

Ransomware actors are shifting from encryption to extortion tactics
Healthcare and public health sector is the most targeted vertical for ransomware attacks
www.housingwire.com
2 months ago
Privacy professionals

Fidelity says cybersecurity attack is contained but questions remain

Fidelity National Financial (FNF) contained a cybersecurity attack after a week of chaos.
Ransomware gang AlphV/BlackCat claimed responsibility and threatened to disclose collected information.
Theregister
3 months ago
Privacy professionals

BlackCat claims attack on Fidelity National Financial

Fidelity National Financial has experienced a cybersecurity incident and had to shut down systems, impacting various areas of the business.
The company is one of the largest underwriters of title insurance and providers of transaction services in the US.
ALPHV/BlackCat ransomware group claimed responsibility for the attack and has not yet disclosed the extent of the breach.
ComputerWeekly.com
2 months ago
Privacy professionals

Rhysida gang stole hundreds of gigabytes of British Library data | Computer Weekly

A cyber criminal gang has published a 573GB tranche of data stolen from the British Library in a ransomware attack.
The published data comprises 90% of what was stolen, indicating that the criminals have likely already sold some of the data.
SecurityWeek
2 months ago
Information security

Five Cybersecurity Predictions for 2024

Compromised credentials are a recurring vulnerability and a primary point of attack in data breaches.
Organizations should prioritize implementing Zero Trust principles to reduce dependency on passwords.
Ransomware attacks are expected to continue and intensify in 2024.
SecurityWeek
2 months ago
Privacy professionals

Police Dismantle Major Ukrainian Ransomware Operation

The authorities have dismantled a major ransomware operation based in Ukraine, arresting the alleged ringleader and four key accomplices.
The operation targeted thousands of entities across 71 countries, disrupting the operations of large corporations.
The suspects used multiple ransomware families and various tactics, including SQL injections and phishing emails, to gain access to networks.
www.theguardian.com
3 months ago
Privacy professionals

Rhysida, the new ransomware gang behind British Library cyber-attack

Rhysida, a new ransomware gang, claimed responsibility for an attack on the British Library.
Ransomware gangs now use double extortion, stealing data and threatening to release it online to strengthen their negotiating position.
Rhysida has also targeted government institutions in Portugal, Chile, Kuwait, and a US hospital group.
BleepingComputer
3 months ago
Privacy professionals

Canadian government discloses data breach after contractor hacks

Sensitive information belonging to government employees in Canada has been exposed in two separate hacking incidents.
The breaches affected contractors Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving Services.
The LockBit ransomware group has claimed responsibility for breaching SIRVA's systems and leaking stolen documents.
CyberScoop
3 months ago
Privacy professionals

Ransomware groups rack up victims among corporate America

Firms like Boeing are being breached by cybercriminals in a string of attacks.
Hacking groups are successfully breaching well-resourced corporations and stealing data.
A vulnerability in Citrix software is being exploited by ransomware groups to carry out these attacks.
Dark Reading
3 months ago
Privacy professionals

Scattered Spider Hops Nimbly from Cloud to On-Prem in Complex Attack

The group behind the MGM cyberattack has launched another sophisticated ransomware attack.
The attackers used a socially-engineered MFA fatigue attack to gain access to the target organization's network.
BBC News
3 months ago
Privacy professionals

British Library: Employee data leaked in cyber attack

The British Library experienced a cyber attack in October, resulting in the leak of employee data.
The Rhysida ransomware group is claiming responsibility for the attack and plans to auction off the stolen data.
The British Library has stated that the leaked data appears to be from internal HR files, but has no evidence that user data was compromised.
ComputerWeekly.com
3 months ago
Privacy professionals

Canada's Mounties among government employees hit by LockBit | Computer Weekly

A major cyber incident in Canada has exposed the personal data of thousands of public sector workers, including RCMP officers.
The attack targeted two suppliers of personnel relocation services, BGRS and SIRVA, who work with the Canadian government.
LockBit ransomware was involved in the attack and claimed to have stolen 1.5TB of documents.
Engadget
3 months ago
Privacy professionals

Smarter public transit comes at the cost of rider anonymity

The New York MTA's tap-and-go system allowed anyone to track specific riders' locations, highlighting a larger issue of data collection in public transit systems.
Personal data collected by transit agencies can be sold to advertisers or shared with law enforcement.
Ransomware attacks on transit agencies pose a risk to both the agencies and the personal data of riders.
Dark Reading
3 months ago
Information security

Citrix Bleed Bug Inflicts Mounting Wounds, CISA Warns

Ransomware affiliates are increasingly targeting the Citrix Bleed vulnerability, prompting warnings from CISA and Citrix to address the issue.
The Citrix Bleed bug allows threat actors to bypass password requirements and multifactor authentication, leading to session hijacking and unauthorized access to data and resources.
LockBit 3.0 gang and its affiliates have formed a 'strike team' specializing in weaponizing Citrix Bleed, potentially staffed by teenagers.
SecurityWeek
3 months ago
Privacy professionals

In Other News: Major Law Firm Hacked, Chinese Bank Pays Ransom, PyPI Security Audit

Law firm Allen & Overy targeted by ransomware group
Ransomware gang claims major Chinese bank paid ransom
European police take down vishing gang that made €9 million
Ars Technica
3 months ago
Privacy professionals

Ransomware group reports victim it breached to SEC regulators

Ransomware group AlphV has reported a victim to the US Securities and Exchange Commission (SEC) in an effort to pressure them to pay the ransom.
AlphV claimed to have breached the network of MeridianLink, a publicly traded digital lending company, and filed a complaint with the SEC regarding a failure to disclose the breach.
The tactic is likely a way for AlphV to capitalize on the anxiety caused by the SEC's recent actions against SolarWinds.
ComputerWeekly.com
3 months ago
Privacy professionals

Ransomware gang grasses up uncooperative victim to US regulator | Computer Weekly

ALPHV/BlackCat ransomware cartel is now reporting victims to regulatory authorities as a tactic to pressure cooperation.
California-based supplier MeridianLink was attacked by BlackCat ransomware, who subsequently filed a complaint against them with the SEC.
The complaint alleges that MeridianLink failed to disclose a significant breach within the stipulated time frame required by new SEC rules.
TechCrunch
3 months ago
Privacy professionals

US says Royal ransomware gang plans 'Blacksuit' rebrand | TechCrunch

The U.S. government believes that the Royal ransomware gang is preparing to rebrand or spin off with a new name called Blacksuit.
Sanctions imposed by the U.S. and U.K. governments are likely affecting the gang's ability to profit from ransomware.
Theregister
3 months ago
Privacy professionals

Google Workspace weaknesses allow plaintext password theft

Researchers have exposed novel weaknesses in Google Workspace that could lead to ransomware attacks, data exfiltration, and password decryption.
Google has stated that these weaknesses fall outside of their threat model and will not receive security fixes.
The vulnerabilities rely on compromised local machines and are not considered Google-specific bugs.
[ Load more ]