LATEST POST
MOVEit fallout continues: National Student Clearinghouse discloses for 900 schools affected
The figures for the MOVEit data breach continue to rise to alarming heights. The Record reports: The National Student Clearinghouse (NSC) reported that nearly 900 colleges and universities across the U.S. had data stolen during attacks by a Russia-based ransomware gang exploiting the popular MOVEit file-sharing tool. The nonprofit manages educational reporting, data exchange, verification, […]
Ransomware Group Claims To Have ‘Compromised All Sony Systems,’ Sony investigating (Update 1)
Over the weekend, a new ransomware group called Ransomed.vc claimed it compromised Sony. The original listing, which has since been replaced, listed a date of September 28, suggesting that if there was no resolution or payment by then, data would be leaked or sold. In an updated listing with a date of September 26, they […]
MGM and Caesars have big cyberinsurance policies, but small businesses need cyberinsurance too
At least five class-action lawsuits were filed last week against the two Las Vegas entertainment giants following data breaches reportedly by the same group of threat actors. As Digital Insurance reports, Okta, an identity and access management company used by both firms, issued an advisory in August about hackers tricking IT service staff into resetting […]
Twin cyberattacks but different incident responses: Comparing MGM Resorts and Caesars
As an article in DarkReading highlights, it’s tempting to compare the incident responses by MGM Resorts and Caesars Entertainment to their recent cyberattacks because both are the same kind of entity and both were victims of the same threat actors (Scattered Spider/AlphV). But: Caesars quickly negotiated with the cyberattackers, and handed over a $15 million ransom payout, which […]
Ransomware is not just attacking companies. Grandma and Grandpa can get hit, too.
Researchers have noted two new types of ransomware that appear to be hitting Windows users — Windows users like Mom and Pop on their home computers. They, too, can wake up to find that all of their personal files have been locked and there’s a ransom note demanding hundreds of dollars or $1,000.00 to get […]
No, T-Mobile has not had two more data breaches this month, but maybe just one small leak?
T-Mobile has had so many data breaches over the years that it’s somewhat understandable that people may rush to assume that something is a breach of their system when it was not. This week, we heard of two situations like that. The first involved customers reporting that after they logged in to T-Mobile’s app, they […]
College agrees to spend $3.5 million to improve cybersecurity to settle state claims of violations of state and federal laws
When New York State Attorney General Letitia James announced a settlement with Marymount Manhattan College stemming from a data breach in 2021, some people discussing the case online were surprised that a state could go after a non-profit college that way, and they wondered if the state could get that kind of settlement with a […]
Department of Homeland Security Pushes for Common Cyber Incident Reporting Definitions
The U.S. Department of Homeland Security has released a report, “Harmonization of Cyber Incident Reporting to the Federal Government.” The report, which was released on Sept. 19, notes that there are currently dozens of cyberattack reporting requirements at the federal level. DHS is seeking to come up with a manageable and solution: … this report […]