LATEST POST
Mortgage firm loanDepot cyberattack impacts IT systems, payment portal
Bleeping Computer reports: U.S. mortgage lender loanDepot has suffered a cyberattack that caused the company to take IT systems offline, preventing online payments against loans. loanDepot is one of the largest nonbank retail mortgage lenders in the USA, employing approximately 6,000 people and servicing loans of over $140 billion. Read more at Bleeping Computer. Loan […]
Law firm that handles data breaches was hit by data breach
TechCrunch reports: An international law firm that works with companies affected by security incidents has experienced its own cyberattack that exposed the sensitive health information of hundreds of thousands of data breach victims. San Francisco-based Orrick, Herrington & Sutcliffe said last week that hackers stole the personal information and sensitive health data of more than 637,000 […]
Hackers can now take control of your Google Account without needing a password. Here’s how it works
Livemint reports: Cybercriminals have found a way to gain access to people’s Google accounts without needing their password, and the new exploit gives hackers continued access to Google services even after a user’s password has been reset. The new vulnerability was analysed by security firm CloudSEK and reported by The Independent. Furthermore, the issue first […]
Attorney General James Reaches Agreement with Hudson Valley Health Care Provider to Invest $1.2 Million to Protect Patient Data After 2021 Data Breach
From the NYS Attorney General’s Office:
BakerHostetler: 2023 Data Security Incident Response Report
BakerHostetler law firm is well-known for data breach incident response. They write, “Three years ago we set a new industry standard by creating our Digital Assets and Data Management (DADM) practice group, which now has more than 100 attorneys and technologists. Every year we organize and publish our collective insights in this report. It is […]
Mandiant Experiences Irony of Cybersecurity Breach
BNN reports: In an ironic turn of events, Mandiant, a cybersecurity firm owned by Google, fell prey to a security breach on its X social media account on January 3. The attacker, shrouded in anonymity, manipulated the account to unleash a malevolent cryptocurrency-stealing link. […] This incident strikes a raw nerve, particularly given that Mandiant, a […]
‘If you told me to list 10 things that would go wrong, this would not be on the list’: Tiny water authority in Pennsylvania hit by Iranian cyberattack
Fortune reports: The tiny Aliquippa water authority in western Pennsylvania was perhaps the least-suspecting victim of an international cyberattack. It had never had outside help in protecting its systems from a cyberattack, either at its existing plant that dates to the 1930s or the new $18.5 million one it is building. Then it — along with […]
Superintendent Adrienne A. Harris announces $8 Million Penalty Against Genesis Global Trading, Inc. After DFS Investigation Finds Significant Failings in Anti-Money Laundering and Cybersecurity Programs
In connection with the settlement, Genesis Global Trading will surrender its BitLicense New York State Department of Financial Services (DFS) Superintendent Adrienne A. Harris today announced that Genesis Global Trading, Inc. (“Genesis Global Trading”) will pay an $8 million penalty to New York State for compliance failures that violated DFS’s virtual currency and cybersecurity regulations […]