The Daily Record reports an appellate decision that is probably quite a relief to Marriott International: The U.S. Court of Appeals for the 4th Circuit has reversed a lower Maryland court’s recertification of plaintiff classes in a pair of consolidated lawsuits filed against Marriott and an information technology service provider for a 2018 data breach, handing down a major […]
The Times of India reports that the hacker responsible for leaking sensitive personal data of 31 million customers of Star Health last year claimed responsibility for sending death threats and bullet cartridges to the company’s chief executive and finance head. The hacker detailed these actions, described as reprisals against Star Health and Allied Insurance Company, […]
DataBreaches.net reports: He’s just a frail-looking teenager, but he sent threatening emails to get his victims to pay his extortion demands. Today, 19 year-old Assumption College student Matthew Lane waived indictment and pleaded guilty in a Worcester courtroom to hacking an unnamed telecom company and an unnamed edtech vendor, widely known to be PowerSchool. As per the plea […]
Vodafone GmbH has been hit with a massive fine by the German data protection agency for privacy and data security violations. BleepingComputer reports: The German data protection authority (BfDI) has fined Vodafone GmbH, the telecommunications company’s German subsidiary, €45 million ($51.4 million) for privacy and security violations. “Due to malicious employees in partner agencies who […]
The Record reports that a hacking group known as BO Team or Black Owl has emerged as a major threat to Russia: A little-known hacking group has emerged as a major threat to Russian state institutions and critical industries, carrying out attacks aimed at causing maximum disruption and extracting financial gain, according to a new […]
Ransomware gangs will swear not to reveal that you were a victim if you pay their ransom demands. SBut if they fail to secure their negotiation chat servers, researchers and intel analysts can discover who their victims are and shoulder-surf any negotiations or payment arrangements. The SuspectFile blog reports on another case like that where […]
The Register reports that a mystery whistleblower calling himself “GangExposed” has exposed key figures behind the Conti and Trickbot ransomware crews, publishing a trove of internal files and naming names. The leaks include thousands of chat logs, personal videos, and ransom negotiations tied to some of the most notorious cyber-extortion gangs —believed to have raked […]
‘ConnectWise recently learned of suspicious activity within our environment that we believe was tied to a sophisticated nation state actor, which affected a very small number of ScreenConnect customers‘ — ConnectWise statement The Record reports: IT management software company ConnectWise said it is investigating a nation-state attack on its systems that impacted some of its […]
Personal information on more than 364,000 people may have been compromised as part of a third-party hack. Fast Company reports: Data analytics firm LexisNexis Risk Solutions said it suffered a data breach that could have affected the names, Social Security numbers, driver’s license numbers, and contact information of more than 364,000 people. The company said […]
PYMNTS reports: American banking groups want the Securities and Exchange Commission (SEC) to revoke its cybersecurity incident disclosure requirements. These groups, led by the American Bankers Association (ABA), wrote to the SEC last week, contending that disclosing cybersecurity incidents “directly conflicts with confidential reporting requirements intended to protect critical infrastructure and warn potential victims.” Joining the ABA were the Securities Industry […]
