Even companies that invest a lot in security can get hit — and hit hard. In this week’s news, perhaps the biggest story involves Microsoft and Russia. The Associated Press reports: Microsoft said Friday it’s still trying to evict the elite Russian government hackers who broke into the email accounts of senior company executives in November […]
Published by the U.S. Department of Health and Human Services on March 5, 2024:
There are many instances where businesses take a hit on their revenues after a breach, but then bounce back fairly quickly. Here’s an example where one victim hasn’t bounced back after a costly breach. The Telegraph reports: The outsourcing giant that collects the BBC licence fee has slumped to a £107m loss after it was hacked […]
UnitedHealth’s response to ongoing problems from a ransomware attack are being criticized by the American Hospital Association (AHA) and American Medical Association (AMA). Both organizations have issued letters or press releases. Modern Healthcare reports: AHA President and CEO Richard Pollack said Change Healthcare parent company UnitedHealth Group’s temporary loan program misses the mark in a letter sent Monday […]
DarkReading reports: American Express is notifying its customers that their credit cards were exposed in a breach involving a third-party service provider. In a data breach notification filed with the state of Massachusetts, the American bank holding and financial services company notes that its own systems were not compromised by the incident. The breach instead occurred through […]
So far, the CryptoChameleon phishing scam has successfully phished over 100 victims, with many still active. Lookout has discovered a multi-pronged phishing campaign, dubbed “CryptoChameleon,” that mimics legitimate login pages for cryptocurrency platforms and the Federal Communications Commission (FCC) via mobile devices. The kit uses carbon copies of SSO pages and phishing via email, SMS, and […]
When law enforcement from the U.K.’s National Crime Agency, the FBI, and others in “Operation Cronos” disrupted LockBit3.0’s ransomware operations and seized 34 of their servers, it was understandably big news. Within days, however, LockBit had set up new infrastructure and listed some victims. They also issued a response to the FBI that claimed that […]
The attack on United Healthcare’s Change Healthcare unit continues to cause major problems. Pharmacies are struggling to fill prescriptions, patients cannot get their medications, and payment processes for providers are impacted. The problems began February 21 after hackers, subsequently identified as the AlphV (BlackCat) group, gained access to UnitedHealth’s Change Healthcare unit. How they gained […]
DataBreaches.net reports: On February 16, BlackCat added loanDepot to their dark web leak site, but without any data as proof. At the time, they claimed that LoanDepot had shown up in the negotiation chat, and had offered $6 million for the data and a decryptor, but allegedly claimed they could offer more after the weekend. […]
If you’re thinking of paying a ransom demand, think again.
For years now, law enforcement has been urging victims of ransomware attacks not to pay ransom. Their explanations are simple: (1) criminals do not keep their word to delete any data they have stolen from you, (2) criminals will not keep their word not to attack you again, and (3) paying criminals encourages them to […]