News - The Data Breach Times

January 26, 2024

906 views 2 mins 0

Looking Ahead to the FTC’s Implementation of the Data Breach Notification Rule for Nonbanking Financial Institutions

From the law firm of Polsinelli PC: Beginning on May 13, 2024, nonbanking “financial institutions” must notify the Federal Trade Commission (“FTC”) within 30 days of discovering a data breach involving the nonpublic personal information of at least 500 consumers. These covered organizations can include a wide variety of companies that engage in financial activities […]

Data Breach News, News

January 25, 2024

382 views 3 mins 0

HPE: Russian hackers breached its security team’s email accounts

Bleeping Computer reports: Hewlett Packard Enterprise (HPE) disclosed today that suspected Russian hackers known as Midnight Blizzard gained access to the company’s Microsoft Office 365 email environment to steal data from its cybersecurity team and other departments. Midnight Blizzard, aka Cozy Bear, APT29, and Nobelium, is a Russian state-sponsored hacking group believed to be part […]

Data Breach News, Consumer Alerts, News

January 24, 2024

1310 views 42 secs 0

Mother of all breaches reveals 26 billion records: what we know so far

Cybernews reports: The supermassive leak contains data from numerous previous breaches, comprising an astounding 12 terabytes of information, spanning over a mind-boggling 26 billion records. The leak, which contains LinkedIn, Twitter, Weibo, Tencent, and other platforms’ user data, is almost certainly the largest ever discovered. There are data leaks, and then there’s this. A supermassive Mother […]

Commentaries and Analyses, Malware Ransomware, News

January 24, 2024

1144 views 4 mins 0

University of Twente Maps Decision-Making Process for Ransomware Victims

From the university’s press release about their research into factors related to whether ransomware victims decide to pay ransom or not — and how much they pay if they do decide to pay: The UT investigated the decision-making process of victims who had to pay ransoms during ransomware attacks. UT researcher Tom Meurs and his […]

Consumer Alerts, News

January 24, 2024

932 views 2 mins 0

Doxxing You for 25 Bucks

404 Media and Court Watch report: Authorities charged a man from Baltimore on Monday with allegedly running a so-called TLO data service, a tool that makes it incredibly easy for hackers and other criminals to dox nearly anyone in America quickly and for cheap. Chouby Charleron allegedly sold the personal identifying information (PII), including Social […]

Data Breach News, Healthcare, Malware Ransomware, News

January 23, 2024

2235 views 14 secs 0

Patients Extorted Over Photos Sue Doctors for Security Failures

Bloomberg Law reports: Pilfered snapshots of patients baring their bodies ahead of life-saving cancer operations and plastic surgeries are unexpectedly landing in the vast landscape of the public internet after cyberattacks, as hackers seek new ways to turn a profit. Campaigns to extort victims during ransomware attacks against health-care providers are evolving, according to lawsuits […]

Data Breach News, Malware Ransomware, News

January 23, 2024

898 views 53 secs 0

‘Deliberate, malicious’: Medibank praises government for pursuing Russian hacker.

The Herald Sun reports: Medibank has thanked the Albanese government for pursuing the Russian hacker behind Australia’s worst cyber attack, although a leading IT security expert warns it is unlikely to deter further data breaches. The government named Russian man Aleksandr Ermakov as the perpetrator of the October 2022 Medibank data breach, imposing new sanctions on the […]

News, Data Breach News

January 20, 2024

927 views 37 secs 0

Microsoft network breached through password-spraying by Russian-state hackers

Ars Technica reports: Read more at Ars Technica.

News, Data Breach News

January 18, 2024

1019 views 4 secs 0

CISA pushes federal agencies to patch Citrix RCE within a week

Bleeping Computer reports: Today, CISA ordered U.S. federal agencies to secure their systems against three recently patched Citrix NetScaler and Google Chrome zero-days actively exploited in attacks, pushing for a Citrix RCE bug to be patched within a week. The cybersecurity agency added the flaws to its Known Exploited Vulnerabilities Catalog today, saying that such vulnerabilities are “frequent attack […]

Data Breach News, Commentaries and Analyses, News

January 18, 2024

987 views 13 secs 0

How SolarWinds Responded to the 2020 SUNBURST Cyberattack

From the Harvard Business Review: In December of 2020, SolarWinds learned that they had fallen victim to hackers. Unknown actors had inserted malware called SUNBURST into a software update, potentially granting hackers access to thousands of its customers’ data, including government agencies across the globe and the US military. General Counsel Jason Bliss needed to […]