Update of December 5: A federal judge granted early approval to a $30 million settlement. The case is In re 23andMe Inc Customer Data Security Breach Litigation, U.S. District Court, Northern District of California, No. 24-md-03098. The official settlement website will be at https://www.23andmedatasettlement.com/ where those affected can get information on who is eligible to […]
Released: September 12, 2024 WASHINGTON – Today, as part of their public service announcement (PSA) series to put potential election day cyber related disruptions during the 2024 election cycle into context for the American people, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) jointly issued the Just So You Know: False Claims of Hacked Voter […]
A hacker claims to have stolen 440 GB of data from cybersecurity firm Fortinet, exploiting an Azure SharePoint vulnerability. The breach, dubbed “Fortileak,” was revealed on a forum with access credentials shared online. HackRead reports: Dubbed Fortileak by the hacker, the breach allegedly originates from an exposure in Fortinet’s Azure SharePoint instance. In the forum post, the […]
A blockbuster proposed settlement has been announced involving a ransomware attack last year. The ransomware attack by BlackCat resulted in 134,000 patients of Lehigh Valley Health Network having their data accessed, exfiltrated, and in some cases, leaked online. Distressingly, the threat actors cruelly leaked nude photos of identifiable cancer patients as part of the incident. […]
If you rented a car from Avis, you may be receiving a notification letter about an August data breach they experienced. Bleeping Computer explains: American car rental giant Avis notified customers that unknown attackers breached one of its business applications last month and stole some of their personal information. According to data breach notification letters sent to […]
On Thursday, the Department of Justice announced it had unsealed an indictment alleging six Russian nationals with conspiracy to commit computer intrusion and wire fraud conspiracy. Five of the defendants were officers in Unit 29155 of the Russian Main Intelligence Directorate (GRU), a military intelligence agency of the General Staff of the Armed Forces. The […]
Iran International reports: An Iranian entity paid hackers $3 million in ransom to dissuade them from releasing the data of over 20 hacked banks, Politico reported, confirming Iran International’s earlier report about the “biggest-ever” cyberattack on Iran’s banking system. Iran International reported on August 14 that the major cyberattack targeted several Iranian banks, leading to […]
Bloomberg reports an update on the cyberattack of the WazirX cryptocurrency exchange. The attack, suspected to be linked to the Lazarus Group in North Korea, resulted in the theft of $234 million from the Indian exchange and left WazirX announcing that they were unlikely to recover 43% of the stolen funds. The attacker behind India’s […]
Risky Biz News reports: The FTC has fined security camera firm Verkada $2.95 million for failing to implement cybersecurity measures to protect its systems. The fine is related to a March 2021 security breach when a hacker accessed customer data and video footage from over 150,000 Verkada cameras. The hacker used the cameras to access and leak footage from psychiatric hospitals, […]
There are those who may say, “Better late than never.” There are probably also those who say, “How should egregiously late notification be punished?” SC Media reports that some people are first being notified of the 2023 MOVEit data breach: The Texas Dow Employees Credit Union (TDECU) on Aug. 23 sent letters to more than […]
