YourErie.com reports: Read more at YourErie.com. Although not mentioned in their report, this incident was reported to the U.S. Department of Health and Human Services on November 9 as affecting 168,921 patients. Also not mentioned on WGH’s website is that the threat actors are known and they are leaking the employee and patient data on […]
SiliconAngle reports: Hackers have stolen the personal data of more than 8.4 million patients from Welltok Inc., a Denver-based company that provides software for healthcare organizations. Welltok first disclosed the breach in October without sharing the full details of the incident. On Wednesday, it revealed that the hackers had stolen information belonging to some 8,493,379 […]
The Record reports on what appears to be another CitrixBleed incident: CTS, a managed service provider (MSP) for law firms in the United Kingdom, is “urgently investigating” a cyberattack that has disrupted its services — potentially leaving hundreds of British law firms unable to access their case management systems. The company announced Friday that it was “experiencing […]
The Straits Times reports: Another South Korean government-run online service suffered an outage on Nov 24, marking the fourth such failure within the past week. A website and mobile applications providing online ID services went down, according to the Ministry of the Interior and Safety. The breakdown in the government’s e-ID service on Nov 24 […]
Americans who hoped to close on home sales this week may have had their hopes dashed by an attack on Fidelity National Financial. The Register reports: Fortune 500 insurance biz Fidelity National Financial (FNF) has confirmed that it has fallen victim to a “cybersecurity incident.” The announcement came in the form of an 8-K filing […]
All too often, attempts at responsible disclosure are ignored or otherwise fail to get data locked down. When those who discover data leaks repeatedly try to get data owners to secure their data but are ignored, they may decide to reveal the leak publicly even though the data are still unsecured. Today’s example is brought […]
Seen on Back End News: Retail organizations faced a growing threat from ransomware attacks, with fewer managing to stop the encryption of their data. Sophos, a cybersecurity leader, revealed that only a quarter of retailers prevented data encryption during attacks in the last year, marking a decline from previous years. This trend indicated a struggle […]
GB Hackers provides one of this week’s examples of the insider threat: The sequence of events sounds like it was taken straight from a movie script. Five software programmers were working late into the night, chatting on their phones while they worked. During the wee hours of October 9, between 1:00 am and 4:00 am, […]
CyberScoop reports: A cybercrime group that has engaged in politically motivated attacks breached a human resources application belonging to Idaho National Laboratory, claiming in a post to Telegram on Sunday that it had obtained detailed information on employees working at the nuclear research lab. The hacking group SiegedSec said it had accessed “hundreds of thousands of user, […]
Earlier today, CISA issued an advisory: StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability. The advisory includes TTPs and IOCs obtained from FBI, ACSC, and voluntarily shared by Boeing following its recent attack by LockBit that resulted in their data being leaked. Boeing observed LockBit 3.0 affiliates exploiting CVE-2023-4966, to obtain initial […]
