Because so many firms outsource to India, it is interesting to note the average cost of a data breach in India may be less than in the U.S., but still significant. Financial Express Online reports: According to a report from the Reserve Bank of India (RBI) released on Monday, the average cost of a data […]
GovInfoSecurity reports that software vendor MCG Health has agreed to pay $8.8 million to settle a consolidated proposed federal class action lawsuit involving a 2020 hacking incident. The Seattle-based firm provides patient care guidelines to providers and health care plans. In a June 2022 announcement, they claimed that on March 25, 2022, they determined that an […]
Following up on recent reports that threat actors were capitalizing on the CrowdStrike glitch by using phishing attacks to obtain credentials or spread malware, CrowdStrike reported yesterday: On July 22, 2024, CrowdStrike Intelligence identified a Word document containing macros that download an unidentified stealer now tracked as Daolpu. The document impersonates a Microsoft recovery manual.1 Initial analysis […]
It’s been a rough time for federal agencies. First the Supreme Court undid 40 years of Chevron deference. Now a federal judge has gutted the Security and Exchange Commission’s lawsuit against SolarWinds. Reuters reports: A U.S. judge dismissed most of a Securities and Exchange Commission lawsuit accusing software company SolarWinds (SWI.N), opens new tab of defrauding investors […]
404 Media reports: John Binns, a U.S. citizen who has been incarcerated in Turkey, is linked to the massive data breach of metadata belonging to nearly all of AT&T’s customers that the telecommunications giant announced on Friday, three sources independently told 404 Media. The breach, in which hackers stole call and text records from a […]
The Verge reports that self-described hacktivists claim to have snagged internal messages from Disney: Over a terabyte of data supposedly obtained from Disney’s internal messaging channels has been leaked online by a self-proclaimed “hacktivist group,” including login credentials, code, images, and information about unreleased projects. The anonymous group calling itself Nullbulge has claimed responsibility for the […]
In May 2024, mSpy suffered a data breach when unknown individuals managed to steal millions of customer support tickets. Customer data from the phone tracking app back to 2014 was involved. TechCrunch analyzed the leaked dataset — more than 100 gigabytes of Zendesk records — and reports: Some of the email addresses belong to unwitting […]
TechCrunch reports on another big breach related to the Snowflake incident: U.S. phone giant AT&T confirmed Friday it will begin notifying millions of consumers about a fresh data breach that allowed cybercriminals to steal the phone records of “nearly all” of its customers, a company spokesperson told TechCrunch. In a statement, AT&T said that the […]
by Craig Silverman, ProPublica ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for The Big Story newsletter to receive stories like this one in your inbox. This story was originally published on ProPublica. Series: Zero Trust:Inside Microsoft’s Cybersecurity Failures Investigating how the world’s largest software provider handles the security of its own ubiquitous products. […]
AT&T Allegedly Pays Ransom After Snowflake Account Breach
“What will it take for victims of ransomware, extortion and other types of cybercrime to stop directly funding their attackers?” That’s the great question posed by BankInfoSecurity after WIRED reported AT&T paid hackers $370,000 to delete the data they had stolen. BankinfoSecurity reports: How many of the approximately 165 victims of the campaign targeting Snowflake […]