DarkReading reports: American Express is notifying its customers that their credit cards were exposed in a breach involving a third-party service provider. In a data breach notification filed with the state of Massachusetts, the American bank holding and financial services company notes that its own systems were not compromised by the incident. The breach instead occurred through […]
So far, the CryptoChameleon phishing scam has successfully phished over 100 victims, with many still active. Lookout has discovered a multi-pronged phishing campaign, dubbed “CryptoChameleon,” that mimics legitimate login pages for cryptocurrency platforms and the Federal Communications Commission (FCC) via mobile devices. The kit uses carbon copies of SSO pages and phishing via email, SMS, and […]
When law enforcement from the U.K.’s National Crime Agency, the FBI, and others in “Operation Cronos” disrupted LockBit3.0’s ransomware operations and seized 34 of their servers, it was understandably big news. Within days, however, LockBit had set up new infrastructure and listed some victims. They also issued a response to the FBI that claimed that […]
The attack on United Healthcare’s Change Healthcare unit continues to cause major problems. Pharmacies are struggling to fill prescriptions, patients cannot get their medications, and payment processes for providers are impacted. The problems began February 21 after hackers, subsequently identified as the AlphV (BlackCat) group, gained access to UnitedHealth’s Change Healthcare unit. How they gained […]
DataBreaches.net reports: On February 16, BlackCat added loanDepot to their dark web leak site, but without any data as proof. At the time, they claimed that LoanDepot had shown up in the negotiation chat, and had offered $6 million for the data and a decryptor, but allegedly claimed they could offer more after the weekend. […]
HHS generally does not rush to issue any notice about a cyberattack, but today, they issued a quick one about Change Healthcare: U.S. Department of Health and Human Services (HHS) is aware that a cyber incident was identified in Optum Insight’s Change Healthcare’s technology systems on February 21. HHS is working closely with Optum Insight […]
Some ransomware gangs demand millions of dollars in ransom or even tens of millions of dollars. Even smaller businesses, non-profit organizations, and public school districts have increasingly become victims of cyberattacks because they are easy targets with poor defenses against attackers. Do you want your system unlocked? Do you want your data back or deleted […]
Iran News Update reports a dissident group called “Uprising Till Overthrow” managed to breach the servers and websites associated with the Iranian regime’s parliament. The leak of documents with the lawmakers’ salaries on social media has created quite a stir: Among the most significant revelations were documents containing correspondence and salary records of the 226 […]
Tech Times reports: A study by researchers from the University of Minnesota and George Mason University has reportedly claimed that US cybersecurity laws on breach notifications have little to no effect on curbing data breach incidents in the country. The legislation that requires businesses to tell customers if their data has been compromised, known as breach notification laws (BNLs), enacted by governments of […]
If you’re thinking of paying a ransom demand, think again.
For years now, law enforcement has been urging victims of ransomware attacks not to pay ransom. Their explanations are simple: (1) criminals do not keep their word to delete any data they have stolen from you, (2) criminals will not keep their word not to attack you again, and (3) paying criminals encourages them to […]