Incidents involving malware or ransomware. In some cases, incidents called “ransomware” do not involve any locking but merely hack, exfiltrate, and attempt to extort.
The Register reports: Cybercriminals are targeting iOS users with malware that steals Face ID scans to break into and pilfer money from bank accounts – thought to be a world first. A Chinese-speaking cybercrime group, dubbed GoldFactory by Group-IB’s researchers, started distributing trojanized smartphone apps in June 2023, however, the latest GoldPickaxe version has been […]
More than 57,000 people enrolled in Bank of America deferred compensation plans are being notified of a data breach that occurred in early November 2023. The incident involved their Atlanta-based service provider, Infosys McCamish Systems LLC (“IMS”). Bank of America’s system was not affected or compromised. IMS is the U.S. subsidiary of Infosys BPM, an […]
From the university’s press release about their research into factors related to whether ransomware victims decide to pay ransom or not — and how much they pay if they do decide to pay: The UT investigated the decision-making process of victims who had to pay ransoms during ransomware attacks. UT researcher Tom Meurs and his […]
On October 17, 2023, First Financial Security, Inc. (“FFS”_ was the victim of a ransomware attack. The Georgia insurance agency recently notified those affected by the incident that the attack appeared to be an attempt to access and lock all data, including both sensitive and non-sensitive data. “Thankfully, the ransomware attack was not successful in […]
Bloomberg Law reports: Pilfered snapshots of patients baring their bodies ahead of life-saving cancer operations and plastic surgeries are unexpectedly landing in the vast landscape of the public internet after cyberattacks, as hackers seek new ways to turn a profit. Campaigns to extort victims during ransomware attacks against health-care providers are evolving, according to lawsuits […]
The Herald Sun reports: Medibank has thanked the Albanese government for pursuing the Russian hacker behind Australia’s worst cyber attack, although a leading IT security expert warns it is unlikely to deter further data breaches. The government named Russian man Aleksandr Ermakov as the perpetrator of the October 2022 Medibank data breach, imposing new sanctions on the […]
Tip Ranks reports: V.F. Corp., the name behind brands such as The North Face, Timberland, Dickies, and Vans, announced that a cyber incident in December resulted in the data breach of nearly 35.5 million customers. Last month, the cyber incident hampered VFC’s order fulfillment on its eCommerce portal. At the time, the company expected the […]
In its The State of Ransomware in the U.S. report for 2023, Emsisoft opined that the only solution to the ransomware crisis is to completely ban ransomware payments. That recommendation has generated some discussion, and now Becker’s has also reached out to health system CISOs to get their reaction to the recommendation. The majority’s opinion […]
Daryna Antoniuk reports: One of Taiwan’s biggest semiconductor manufacturers has fallen victim to a cyberattack, supposedly carried out by the notorious LockBit ransomware gang. The hackers posted a threatening message on Foxsemicon’s website, stating that they had stolen its customers’ personal data and would publish it on their darknet website if the company refused to […]
New Ransomware Reporting Requirements Kick in as Victims Increasingly Avoid Paying
As 2023 drew to a close, a report by Emsisoft made the bold recommendation to impose a flat-out ban on ransom payments in the event of cyberattacks. Their suggestion has spawned a good deal of discussion, including a new report by incident response firm Coveware, who disagrees strongly with the recommendation. The following is just […]