Today’s General Counsel reports: Genetic testing company 23andMe, which is facing more than 30 lawsuits from the victims of a massive data breach, is claiming that the victims themselves are to blame for the loss of their own data, TechCrunch reports. In a letter to hundreds of 23andMe users suing the company, 23andMe said the victims “negligently […]
Bleeping Computer reports: Today, CISA ordered U.S. federal agencies to secure their systems against three recently patched Citrix NetScaler and Google Chrome zero-days actively exploited in attacks, pushing for a Citrix RCE bug to be patched within a week. The cybersecurity agency added the flaws to its Known Exploited Vulnerabilities Catalog today, saying that such vulnerabilities are “frequent attack […]
Daryna Antoniuk reports: One of Taiwan’s biggest semiconductor manufacturers has fallen victim to a cyberattack, supposedly carried out by the notorious LockBit ransomware gang. The hackers posted a threatening message on Foxsemicon’s website, stating that they had stolen its customers’ personal data and would publish it on their darknet website if the company refused to […]
Reuters reports: Veon, the parent company of Ukraine’s largest mobile operator Kyivstar, will take a hit of around 3.6 billion hryvnias ($95 million) in revenue in 2024 due to a massive cyberattack in December, the Dutch telecoms group estimated on Thursday. The estimated lost revenue is associated with measures Kyivstar has taken to compensate customers […]
Troy Hunt of HaveIBeenPwned writes: Read more at TroyHunt.com
Bleeping Computer reports: U.S. mortgage lender loanDepot has suffered a cyberattack that caused the company to take IT systems offline, preventing online payments against loans. loanDepot is one of the largest nonbank retail mortgage lenders in the USA, employing approximately 6,000 people and servicing loans of over $140 billion. Read more at Bleeping Computer. Loan […]
BakerHostetler law firm is well-known for data breach incident response. They write, “Three years ago we set a new industry standard by creating our Digital Assets and Data Management (DADM) practice group, which now has more than 100 attorneys and technologists. Every year we organize and publish our collective insights in this report. It is […]
BNN reports: In an ironic turn of events, Mandiant, a cybersecurity firm owned by Google, fell prey to a security breach on its X social media account on January 3. The attacker, shrouded in anonymity, manipulated the account to unleash a malevolent cryptocurrency-stealing link. […] This incident strikes a raw nerve, particularly given that Mandiant, a […]
Fortune reports: The tiny Aliquippa water authority in western Pennsylvania was perhaps the least-suspecting victim of an international cyberattack. It had never had outside help in protecting its systems from a cyberattack, either at its existing plant that dates to the 1930s or the new $18.5 million one it is building. Then it — along with […]
How SolarWinds Responded to the 2020 SUNBURST Cyberattack
From the Harvard Business Review: In December of 2020, SolarWinds learned that they had fallen victim to hackers. Unknown actors had inserted malware called SUNBURST into a software update, potentially granting hackers access to thousands of its customers’ data, including government agencies across the globe and the US military. General Counsel Jason Bliss needed to […]