TechCrunch reports on another big breach related to the Snowflake incident: U.S. phone giant AT&T confirmed Friday it will begin notifying millions of consumers about a fresh data breach that allowed cybercriminals to steal the phone records of “nearly all” of its customers, a company spokesperson told TechCrunch. In a statement, AT&T said that the […]
by Craig Silverman, ProPublica ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for The Big Story newsletter to receive stories like this one in your inbox. This story was originally published on ProPublica. Series: Zero Trust:Inside Microsoft’s Cybersecurity Failures Investigating how the world’s largest software provider handles the security of its own ubiquitous products. […]
It seems that those involved in hacking Snowflake customers like Ticketmaster took a second look at the data they acquired, did a little happy dance, and upped their extortion demands. They may have danced too soon. Bleeping Computer reports: Hackers have leaked what they claim is Ticketmaster barcode data for 166,000 Taylor Swift Eras Tour […]
HackRead reports that ShinyHunters has claimed responsibility for attacks on Twilio Authy, Neiman Marcus, and Truist Bank and has leaked data from all three. The infamous ShinyHunters hacking group, known for their recent Ticketmaster data breach, has struck again with a series of new attacks. This time, they have targeted Neiman Marcus, a renowned American luxury […]
Despite some calls to ban ransomware payments in hopes that criminals will abandon financially motivated ransomware attacks, finding a way to get everyone to comply with any such ban has seemed challenging, to say the least, and there has been a lot of pushback. Now, one more expert with clout has suggested that the idea […]
In late January, Lurie Children’s Hospital took its phones, email, electronic health records system, and patient portal offline to deal with a ransomware attack. As a result, some patient care was disrupted or delayed. The hospital would not meet the threat actor’s demands for more than $3 million, and it wasn’t until a month later […]
The Supreme Court issued a decision today that could limit federal agencies attempting to impose fines for data security violations or breaches. Although the decision in Securities and Exchange Commission v. Jarkesy did not involve data security or a data breach, the issue before the court involved the agency’s authority to charge someone with a violation […]
Researchers at Sentinel Labs and Recorded Future report that Chinese-linked cyberespionage campaigns are increasingly deploying ransomware. CyberScoop reports that their research suggests that ransomware is reportedly used in the final stage of cyberespionage operations to either make money, distract adversaries, or make it more difficult to attribute their work: The report that Chinese hackers are […]
Data Breach Review – What is It, Who Does It, and What to Watch Out For As noted in the Overview of this series, if an investigation into a breach indicates that personally identifiable information (PII) or protected health information (PHI) was involved, a data breach review is required. The Data Breach Times turned to […]
AT&T Allegedly Pays Ransom After Snowflake Account Breach
“What will it take for victims of ransomware, extortion and other types of cybercrime to stop directly funding their attackers?” That’s the great question posed by BankInfoSecurity after WIRED reported AT&T paid hackers $370,000 to delete the data they had stolen. BankinfoSecurity reports: How many of the approximately 165 victims of the campaign targeting Snowflake […]