News - The Data Breach Times

November 17, 2023

1070 views 3 mins 0

Morgan Stanley agrees to pay $6.5 million to settle charges by six states over two data security incidents

TALLAHASSEE, Fla.—Attorney General Ashley Moody, along with five other attorneys general, secured a $6.5 million agreement with Morgan Stanley Smith Barney LLC, also known as Morgan Stanley. The action comes after an investigation found that Morgan Stanley compromised the personal information of its customers due to negligent internal data-security practices. Morgan Stanley potentially exposed millions […]

Legal News, Malware Ransomware, News

November 16, 2023

567 views 3 mins 0

A ransomware gang files an SEC complaint against its victim for not reporting the breach to the SEC within 4 days

“They did WHAT??” Ransomware gangs will often test ways to pressure victims to pay. But today, threat actors associated with the AlphV (BlackCat) group tested a new approach that is raising eyebrows in the cybersecurity community. When a victim, MeridianLink, didn’t pay them quickly and didn’t even start to negotiate any payment with them, AlphV […]

Data Breach News, News

November 14, 2023

1857 views 35 secs 0

North Carolina County Calls in National Guard After Cyber Attack

What happens when a state bans ransom payments and a county then suffers a cyber attack? A North Carolina county is not saying whether the cyber attack they experienced was a ransomware attack, but they are following the state’s guidelines for how they are responding. The Record reports: A cyberattack on a North Carolina county […]

Data Breach News, Critical Infrastructure, Europe, News

November 14, 2023

1065 views 28 secs 0

Denmark’s Critical Infrastructure Hit With Largest Cyberattack on Record

This time it was Denmark. Who might be next? Bank InfoSecurity reports: Hackers potentially linked to the Russian GRU Main Intelligence Directorate carried out a series of highly coordinated cyberattacks targeting Danish critical infrastructure in the nation’s largest cyber incident on record, according to a new report. SektorCERT, a nonprofit cybersecurity center for critical sectors […]

Consumer Alerts, News

November 12, 2023

995 views 2 mins 0

It’s Still Easy for Anyone to Become You at Experian

Consumers may erroneously assume data brokers and credit reporting agencies have top-notch data security for all the sensitive and important data they store about us. To the contrary, these brokers and firms pose a huge risk to our data security. Investigative reporter Brian Krebs did an exposé last year on Experian. His follow-up post now is […]

Data Breach News, News

November 12, 2023

942 views 16 secs 0

Poloniex crypto-exchange offers 5% cut to thieves if they return that $120M they nicked

Governments may not want hacking victims to negotiate with threat actors or pay ransom, but the founder of a hacked crypto exchange is offering the hacker(s) a reward if they return what they stole. The Register reports: The founder of the Poloniex has offered to pay off thieves who drained an estimated $120 million of […]

Data Breach News, Malware Ransomware, News

November 10, 2023

927 views 31 secs 0

ICBC ransomware attack triggers global regulator, trader scrutiny

Reuters reports: Global regulators and bond traders were on Friday trying to gauge the impact of a ransomware attack on the Industrial and Commercial Bank of China (ICBC), China’s biggest bank, that disrupted trades in the vital U.S. Treasuries market this week. ICBC’s U.S. arm was hit on Thursday in the latest of a string of ransomware […]

Data Breach News, Malware Ransomware, News

November 10, 2023

959 views 52 secs 0

Basically all of Maine had data stolen by a ransomware gang

Engadget reports: The state agencies of Maine had fallen victim to cybercriminals who exploited a vulnerability in the MOVEit file transfer tool, making them the latest addition to the growing list of entities affected by the massive hack involving the software. In a notice the government has published about the cybersecurity incident, it said the event impacted […]

Data Breach News, News, Vulnerabilities

November 09, 2023

1018 views 43 secs 0

Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks

Bleeping Computer reports: Threat actors are exploiting a zero-day vulnerability in the service management software SysAid to gain access to corporate servers for data theft and to deploy Clop ransomware. SysAid is a comprehensive IT Service Management (ITSM) solution that provides a suite of tools for managing various IT services within an organization. The Clop ransomware is notorious […]

Legal News, News

November 09, 2023

933 views 12 secs 0

NYDFS Amends Cybersecurity Regulation; Some Provisions Go Into Effect December 1

New York State continues to strengthen cybersecurity regulations for financial institutions. New amendments to the Cybersecurity Regulation enacted in 2017 strengthen the regulation and add new security obligations. As Hunton Andrews Kurth summarizes it, “The new amendments strengthen the initial framework and require NYDFS-regulated entities to adhere to a number of additional prescriptive data security […]