Two auto insurance companies will pay over $11 million to New York after data from over 120,000 New York customers was leaked in a November 2020 cyber attack that allowed hackers to exploit the state’s unemployment system. Government Technology reports: Both GEICO and Travelers, major national insurance companies, will pay penalties for their poor data […]
Associated Press reports that a ransomware attack that hit Blue Yonder last week has caused disruptions for a number of companies in the U.S. and the U.K., including Starbucks and grocery giant Morrisons: Blue Yonder, which provides supply chain technology to a range of brands worldwide, said that it experienced disruptions to services it manages […]
U.S. prosecutors unveiled criminal charges on Wednesday against five alleged members of Scattered Spider, a community of young hackers suspected of breaking into dozens of U.S. companies to steal confidential information and cryptocurrency. Reuters reports: Martin Estrada, the U.S. Attorney in Los Angeles, said the defendants conducted phishing attacks by sending bogus but real-looking mass […]
DW reports that Germany’s Federal Court of Justice (BGH), which is Germany’s highest civil court, has ruled that victims of a Facebook data breach could be entitled to compensation: The court in the southwestern city of Karlsruhe, Germany’s highest court for civil cases, said that the basic loss of control over data online was grounds for […]
Employee eligibility verification solutions provider Form I-9 Compliance suffered a data breach on February 5, 2024. Its impact is way, waaaaay bigger than initially reported. Security Week reports: In late May, the company started informing customers that someone had gained unauthorized access to its network in early February. The intrusion was detected on April 12 […]
The MOVEit breach was one of the biggest breaches of 2023. Cl0p threat actors exploited vulnerabilities in the file transfer software and exfiltrated massive amounts of data from entities in all sectors. Now data from Amazon and almost three dozen other MOVEit victim entities is being leaked on BreachForums by a forum user calling themself […]
The suspected ransomware attack Halliburton experienced in August had already cost it $35 million by the end of September, the oilfield service giant disclosed. Security Week reports: The incident came to light on August 22, when Halliburton, one of the world’s largest oilfield service providers, confirmed unauthorized access to some of its systems. The company immediately launched […]
When BlackCat pulled an exit scam in February after extorting Change Healthcare for $22 million, people started speculating how long it would be before they re-branded and re-emerged. We may have an answer now. The Register reports that both BlackCat (aka ALPHV) and Scattered Spider appear to be back: In October, security firm ReliaQuest responded […]
The Hacker News reports a significant arrest: Canadian law enforcement authorities have arrested an individual who is suspected to have conducted a series of hacks stemming from the breach of cloud data warehousing platform Snowflake earlier this year. The individual in question, Alexander “Connor” Moucka (aka Judische and Waifu), was apprehended on October 30, 2024, on the […]
Bleeping Computer reports that Interbank has confirmed a data breach after a threat actor started leaking data online. Even though the bank has yet to disclose the exact number of customers whose data was stolen or exposed in the breach, as first spotted by Dark Web Informer, a threat actor who uses the “kzoldyck” handle is […]
