Data Breaches & Incidents News

By Sunny Hoi
  • - 11 July 2020, 11:38 am

    A new paper on Sodinokibi (REvil) ransomware operators by Advanced Intelligence begins: Just about one year ago, the makers of the infamous GandCrab ransomware announced their retirement, having reportedly earned an astonishing $2 billion since their entry into the ransomware market in January 2018. The vacuum was quickly filled, however. Forensic and malware evidence was soon discovered connecting GandCrab’s malware to a new ransomware variant which was about to wreak havoc on a global scale: REvil. REvil’s rise was rapid. It has victimized enterprises and municipal governments alike, having claimed 12.5% of the ransomware market share as of Q2 2019.…Read More

  • - 11 July 2020, 11:38 am

    Samantha Butler-Hassan reports: Kingston’s Royal Military College is one of four military training schools in Canada targeted in a mysterious cyber attack. Discovered on the morning of Friday, Jul. 3, 2020, the attack has temporarily disabled the University’s online network. “It looks like all their core systems got hit,” said David Skillicorn, a professor of computing at Queen’s University. Skillicorn said the attack also affected RMC Saint-Jean in Quebec, the Canadian Forces College in Toronto, and the Chief Warrant Officer Robert Osside Institute. Read more on Kingstonist.Read More

  • - 11 July 2020, 11:38 am

    Maggie Miller reports: President Trump on Friday confirmed for the first time that the U.S. launched a cyberattack on the Russian Internet Research Agency (IRA) in 2018. Trump confirmed the attack in a two-part interview with The Washington Post’s Marc Thiessen. When asked whether the U.S. had launched an attack on the IRA — a troll farm that led the effort to spread disinformation around the 2016 presidential election and 2018 midterm elections — Trump said that was “correct.” Read more on The HillRead More

  • - 11 July 2020, 11:38 am

    Tony Webster reports on how the “BlueLeaks” dump of a hack at Netsential, is impacting Minnesota law enforcement: A trove of Minnesota law enforcement data was published online after hackers broke into the servers of a vendor of the Minnesota Bureau of Criminal Apprehension and Hennepin County Sheriff’s Office. The sensitive information includes details about key Minnesota security and intelligence personnel at every level of government. Also released were personally identifying contact information for security personnel for critical infrastructure sites in Minnesota like nuclear power plants, chemical processing facilities, rail networks, pipelines, hospitals and campuses of major employers and schools.…Read More

  • - 11 July 2020, 11:38 am

    Farouk Arnaz and Heru Andriyanto report on an incident in Indonesia: A man who works at the customer service unit of state-owned telecommunication company Telkomsel was arrested for allegedly stealing personal data of social media sensation Denny Siregar, police said on Friday. The suspect is identified by initials F.P.H., 27, who works at Telkomsel’s Grapari office in Surabaya, East Java. “He has access to personal data of Telkomsel customers,” Chief Comr. Reinhard Hutagaol, a senior investigator at the National Police’s cyber crime unit, told reporters in Jakarta. He said the suspect is an outsourced worker at Grapari with limited access to…Read More

  • - 11 July 2020, 11:38 am

    Ivan Mehta reports: Google-backed Indian hyperlocal delivery service Dunzo said it suffered a data breach that left customer data including email IDs and phone numbers exposed. Dunzo provides pick up and deliver services in over seven cities in India. Read more on The Next Web.Read More

  • - 11 July 2020, 11:02 am

    It took a San Francisco jury six hours to decide once they finally got the case that started in March but was interrupted by the pandemic. Yesterday afternoon, they convicted Yevgeniy Nikulin, 32, of hacking LinkedIn, Dropbox, and Formspring in 2012. Nikulin, who had pleaded not guilty, is scheduled to be sentenced Sept. 29. The government was represented in this case by Michelle Kane and Katherine Wawrzyniak. Nikulin was represented by Adam Gasner and Valery Nechay. Nikulin’s attorney has indicated that there will be an appeal. The defense had tried to raise reasonable doubt by questioning why law enforcement had not investigated…Read More

  • Dark Reading: Attacks/Breaches - 10 July 2020, 9:40 pm

    RSA data reveals a continued shift away from browser-based fraud as attackers target mobile apps.Read More

  • Dark Reading: Attacks/Breaches - 10 July 2020, 3:45 pm

    The flaw also affects older versions of the operating system, even if they’re fully patched.Read More

  • - 10 July 2020, 3:03 pm

    Back in March, I pointed readers to a fascinating report by Gemini Advisory concerning the Russian Federal Security Service (FSB) takedown of a top tier marketplace and the arrest of its administrators. At the time, they were confident that the marketplace was BuyBest, and that one of its administrators was Alexey Stroganov (aka “Flint24”). Stroganov’s arrest was a bit of a surprise, as he was thought to be well connected politically, and in any event, it is unusual for FSB to arrest Russian hackers if they are not targeting Russian citizens or entities. Now Gemini has found what might be…Read More

  • - 10 July 2020, 3:01 pm

    From OneTrust DataGuidance: The Turkish data protection authority (‘KVKK’) announced, on 9 July 2020, a data breach suffered by Doctor Atadan Egemen Koyuncu. In particular, the KVKK highlighted that the data controller suffered a cyber attack on 5 July 2020 which affected the patient information system and that the violation was detected on the 6 July 2020. In addition, the KVKK noted that the number of people affected by the violation is estimated to be 10,000, although the exact number is unknown as the patient information system can no longer be accessed by the data controller. Read more on OneTrust. The original Turkish notice,…Read More

  • Dark Reading: Attacks/Breaches - 10 July 2020, 2:00 pm

    We’re continuing to see cybercriminals take advantage of COVID-19, and the extension of Tax Day will be the next technique used in their sophisticated method of attacks.Read More

  • - 10 July 2020, 11:08 am

    There’s an update to a case previously noted on this site.  CNS reports: A San Diego man was sentenced Thursday to nearly four years in federal prison for his role in a scheme that took millions of dollars from U.S. servicemembers by utilizing stolen identity information. Trorice Crawford, 33, pleaded guilty last December to one count of conspiracy to launder monetary instruments for his part in facilitating the thefts of funds from thousands of military members’ bank accounts. Read more on 10News.Read More

  • Dark Reading: Attacks/Breaches - 9 July 2020, 10:25 pm

    For privacy-seeking users, good news: Computer scientists are finding more ways to thwart facial and image recognition. But there’s also bad news: Gains will likely be short-lived.Read More

  • Dark Reading: Attacks/Breaches - 9 July 2020, 9:45 pm

    The 754 million packets-per-second peak was part of a four-day attack involving more than 316,000 sending addresses.Read More

  • Dark Reading: Attacks/Breaches - 9 July 2020, 9:35 pm

    The group behind Evilnum malware, which continues to target financial institutions, appears to be testing new techniques.Read More

  • Dark Reading: Attacks/Breaches - 9 July 2020, 9:15 pm

    Data and insight from a leading cybersecurity research and analysis team will broaden the information available to security professionals and technology vendors.Read More

  • Dark Reading: Attacks/Breaches - 9 July 2020, 2:00 pm

    There are many reasons to pen test, but the financial reasons tend to get ignored.Read More

  • Dark Reading: Attacks/Breaches - 8 July 2020, 9:50 pm

    Data is fueling account takeover attacks in a big way, Digital Shadows says.Read More

  • Dark Reading: Attacks/Breaches - 8 July 2020, 9:35 pm

    The ring tests the validity of stolen credentials to be used in fraud through an online marketplace.Read More

  • Dark Reading: Attacks/Breaches - 8 July 2020, 8:55 pm

    Attacks against travel-related websites are on the rise as the industry begins to slowly recover from COVID-19, new data shows.Read More

  • Dark Reading: Attacks/Breaches - 8 July 2020, 8:05 pm

    The accused man, and members of his cybercriminal group, allegedly made at least $1.5 million hacking into companies and selling access to systems over the past three years.Read More

  • Dark Reading: Attacks/Breaches - 8 July 2020, 6:50 pm

    Researchers discuss how adversaries use components of Office 365 that are poorly understood and not closely monitored.Read More

  • Dark Reading: Attacks/Breaches - 8 July 2020, 2:00 pm

    The industry is missing an opportunity to educate the public about bad actors who capitalize off of protest, voting rights education and police brutality petitions through social engineering and phishing attacks.Read More

  • Dark Reading: Attacks/Breaches - 7 July 2020, 9:05 pm

    Its North American branch was notified of the attack because intruders reportedly gained access to ‘at least some information’ stored in its systems.Read More

  • Dark Reading: Attacks/Breaches - 7 July 2020, 7:05 pm

    The threat posed by drones to critical infrastructure and other operational technology is made more serious by the inability of law enforcement to locate operators, researchers say.Read More

  • Dark Reading: Attacks/Breaches - 7 July 2020, 6:35 pm

    Cosmic Lynx takes a sophisticated approach to business email compromise and represents a shift in tactics for Russian cybercriminals.Read More

  • Dark Reading: Attacks/Breaches - 7 July 2020, 6:00 pm

    Don’t be distracted by flashy advanced attacks and ignore the more mundane ones.Read More

  • Dark Reading: Attacks/Breaches - 6 July 2020, 9:40 pm

    The two extraditions of business email compromise attackers indicate a step forward for international law enforcement collaboration.Read More

  • Dark Reading: Attacks/Breaches - 6 July 2020, 9:05 pm

    Since at least May 2019, the state-sponsored threat actor has stolen card data from dozens of retailers, including major US firms.Read More