The Record reports: Ransomware hackers stole the Social Security numbers and health insurance information for more than 740,000 people during an attack on a prominent Michigan hospital network. McLaren Health Care filed documents on Friday concerning a ransomware attack that took place in August 2024 — the second cyber incident to impact the healthcare giant in 12 months. The […]
Reuters reports: A U.S. judge granted preliminary approval on Friday to a $177-million settlement that resolves lawsuits against AT&T T.N over breaches in 2024 that exposed personal information belonging to tens of millions of the telecom company’s customers. U.S. District Judge Ada Brown in Dallas said in a ruling that the class-action settlement was fair and reasonable. […]
Bleeping Computer responds to headlines from another site: News broke today of a “mother of all breaches,” sparking wide media coverage filled with warnings and fear-mongering. However, it appears to be a compilation of previously leaked credentials stolen by infostealers, exposed in data breaches, and via credential stuffing attacks. To be clear, this is not a […]
Insurance Business Magazine reports: British insurers are bracing for an escalating wave of cyberattacks after one of the world’s most notorious hacking groups, Scattered Spider, has pivoted from raiding retailers to targeting insurance and financial services companies on both sides of the Atlantic. Google’s Threat Intelligence Group has issued a fresh warning, saying it had […]
Jeremiah Fowler, discovered and reported to Website Planet about an unencrypted and non-password-protected database that contained 170,360 records with a total size of 116.24GB. Fowler reports: Fowler reports that although the data appear to belong to Income Property Investments Inc., he could not determine whether they are responsible for the data storage misconfiguration or if a vendor […]
The Wall Street Journal reports: A cyberattack on the Washington Post compromised email accounts of several journalists and was potentially the work of a foreign government, company officials told some affected staffers in recent days, according to people familiar with the situation. Staffers were told the intrusions compromised journalists’ Microsoft accounts and could have granted the intruder […]
The Record reports: Ransomware gangs have been exploiting a vulnerability in remote device control software SimpleHelp during a recent string of attacks, according to federal cybersecurity officials. The Cybersecurity and Infrastructure Security Agency (CISA) warned on Thursday that CVE-2024-57727 — a vulnerability affecting SimpleHelp’s widely-used remote access tools — was exploited to “compromise customers of […]
From the U.S. Department of Justice, Office of Public Affairs: A former CIA analyst was sentenced today to 37 months in prison for unlawfully retaining and transmitting Top Secret National Defense Information to people who were not entitled to receive it, information which was publicly posted on social media platforms in October 2024. According to […]
The New York Post reports: Whole Foods reportedly directed workers to downplay increasingly empty aisles after a cyberattack on its main distributor crippled deliveries and sent ripple effects through the retail food supply chain. The Amazon-owned supermarket chain posted vague notices about “temporary supply challenges” as frustrated customers were greeted with bare shelves at several locations, according […]
The Daily Record reports an appellate decision that is probably quite a relief to Marriott International: The U.S. Court of Appeals for the 4th Circuit has reversed a lower Maryland court’s recertification of plaintiff classes in a pair of consolidated lawsuits filed against Marriott and an information technology service provider for a 2018 data breach, handing down a major […]
