LATEST POST
CISA orders federal agencies to secure Microsoft cloud systems after ‘recent’ intrusions
For a while, it was just a recommendation. Now it’s mandatory. Federal civilian agencies were ordered to secure their Microsoft cloud systems after several recent cyber incidents. The Cybersecurity and Infrastructure Security Agency (CISA) issued a binding directive on Tuesday giving federal agencies a series of deadlines to identify cloud systems, implement assessment tools and abide by […]
Nebraska AG files lawsuit against Change Healthcare
It is the first lawsuit filed by a state attorney general against Change Healthcare over the February breach that affected 100,000 Americans. From the state’s December 16 press release: Download the court filing.
Texas Tech University System data breach impacts 1.4 million patients
Another major US hospital system recently suffered a cyberattack. Bleeping Computer reported: The Texas Tech University Health Sciences Center and its El Paso counterpart suffered a cyberattack that disrupted computer systems and applications, potentially exposing the data of 1.4 million patients. The organization is a public, academic health institution that is part of the Texas Tech […]
Irish Data Protection Commission fines Meta €251 Million
A press release from the DPC explains the penalty:
SEC Charges Flagstar for Misleading Investors About Cyber Breach
ADMINISTRATIVE PROCEEDINGFile No. 3-22360 December 16, 2024 – The Securities and Exchange Commission today filed settled charges against Flagstar Bancorp, Inc. (now known as “Flagstar Financial, Inc.”), for making materially misleading statements regarding a cybersecurity attack on Flagstar’s network in late 2021 (the “Citrix Breach”). The SEC’s order finds that Flagstar negligently made materially misleading statements […]
Deloitte Sued Over Breach of Rhode Island Government Benefits Recipient Data
Deloitte has been getting its name in the news this month, but not in a good way. First, a ransomware group named “Brain Cipher” claimed to have attacked Deloitte UK. Deloitte responded to their claims by denying that their network was breached and stating that the breach involved a single client’s system that is not […]
Clop ransomware claims responsibility for Cleo data theft attacks
There is an update to the reports of a Cleo file transfer vulnerability being exploited by hackers. Bleeping Computer reports that the same actors who were responsible for the massive MoveIT breach have also claimed responsibility for the Cleo breach: The Clop ransomware gang has confirmed to BleepingComputer that they are behind the recent Cleo […]