Breaches: Page 7
-
Microsoft hardens key issuance systems after state-backed hackers breach Outlook accounts
The China-linked group, which Microsoft calls Storm-1558, has adopted new techniques after it took steps to disrupt their recent hacking activity.
By David Jones • July 17, 2023 -
Deep Dive
MOVEit mass exploit timeline: How the file-transfer service attacks entangled victims
The slow-moving disaster has ensnared some of the world's largest enterprises. Cybersecurity experts expect further damage to come.
By Matt Kapko • July 14, 2023 -
Johns Hopkins hit with class action suit following MOVEit data breach
The suit alleges that the health system failed to implement safeguards to secure patients’ health information and provided insufficient details about the stolen data.
By Sydney Halleman • July 12, 2023 -
Suncor Energy confirms hackers breached Petro-Canada gas stations’ customer rewards data
The company, the largest integrated energy firm in Canada, said field operations were not impacted.
By David Jones • July 6, 2023 -
MOVEit vulnerability snags almost 200 victims, more expected
The education sector has been hit particularly hard as many widely used vendors in the space confirm impacts linked to the mass exploited vulnerability.
By Matt Kapko • July 5, 2023 -
Cyberattack exposes data on nearly 9K American and Southwest Airlines pilot applicants
Two of the world’s largest airlines no longer use recruitment portal Pilot Credentials after a cyberattack at the end of April.
By Matt Kapko • June 27, 2023 -
MOVEit vulnerability ensnares more victims
Some organizations have been impacted due to their direct use of MOVEit while others have been exposed by third-party vendors.
By Matt Kapko • June 27, 2023 -
Big names disclose MOVEit-related breaches, including PwC, EY and Genworth Financial
More than 100 organizations have been hit as part of the MOVEit attack campaign, including PBI Research Services, which exposed millions of customer data files to theft.
By David Jones • June 23, 2023 -
Retrieved from Dole.
Dole says February ransomware attack breached data of almost 3,900 US workers
The fresh produce giant disclosed the data security impact in a filing with the Maine Attorney General.
By David Jones • June 22, 2023 -
Progress Software faces federal class action lawsuits as MOVEit breach exposure widens
Louisiana residents allege their personal financial information was put at risk after the state's motor vehicles department had data exposed in the MOVEit data breach.
By David Jones • June 21, 2023 -
US puts $10M bounty on Clop as federal agencies confirm data compromises
Additional private sector companies have disclosed attacks after multiple vulnerabilities were found in MOVEit Transfer software.
By David Jones • June 20, 2023 -
Another MOVEit vulnerability found, as state and federal agencies reveal breaches
The third vulnerability since Progress Software first disclosed a MOVEit Transfer zero day arrived just as CISA officials said a “small number” of federal agencies were impacted.
By Naomi Eide • June 16, 2023 -
Clop names a dozen MOVEit victims, but holds back details
As its deadline expired, the ransomware group released the first batch of victim organizations, most of which were U.S.-based, ReliaQuest found.
By Naomi Eide • June 15, 2023 -
Minnesota Department of Education exposed in MOVEit data breach
The departments discovered on May 31 that 24 of its files on the MOVEit server had been accessed by an outside entity, including 95,000 student names in foster care across the state.
By Anna Merod • June 14, 2023 -
Ahead of summer holiday weekends, IT security leaders brace for deliberate cyber mischief
Recent history shows holiday weekends and vacations provide an attack surface bonanza for threat actors.
By David Jones • May 26, 2023 -
CISA updates ransomware guide 3 years after its debut
The #StopRansomware guide, updated in partnership with the FBI, NSA and MS-ISAC, reflects aggressive new techniques used by threat actors, including double extortion.
By David Jones • May 24, 2023 -
Yum Brands faces class action suits from employees after ransomware attack
The Taco Bell and KFC operator is facing litigation after some personal data of company employees was stolen in the attack.
By David Jones • May 16, 2023 -
Western Digital cyberattack not expected to have material impact on future earnings
The company is coordinating with law enforcement while it continues a forensic investigation.
By David Jones • May 15, 2023 -
Dragos says it thwarted extortion bid by known ransomware threat group
The hackers accessed limited information by impersonating a new employee, and the cybersecurity firm warns some stolen data may be leaked.
By David Jones • May 11, 2023 -
Western Digital confirms customer data accessed by hackers in attack
The company has begun notifying customers about stolen data and expects to restore its online store next week.
By David Jones • May 8, 2023 -
Google, Dashlane separately move to eliminate passwords
In unrelated moves, the companies highlighted a growing effort to phase out dependence on passwords amid a rise in phishing attacks.
By David Jones • May 4, 2023 -
3CX threat actor named as company focuses on security upgrades, customer retention
Mandiant attributed the supply chain attack to a North Korea-linked adversary that targeted systems using Windows-based malware.
By David Jones • April 12, 2023 -
Western Digital restores local access to My Cloud Home customers following security breach
The data storage company has provided limited updates to customers after disclosing the initial incident.
By David Jones • April 11, 2023 -
Samsung employees leaked corporate data in ChatGPT: report
Data privacy is a concern for companies with employees using ChatGPT’s web-based interface, as input data is used to train and improve the tool.
By Lindsey Wilkinson • April 10, 2023 -
Broad MFA, rapid patching a must to stop cyberattacks, Marsh McLennan finds
A study says organizations need to implement automated hardening techniques to protect systems against future data breaches.
By David Jones • April 6, 2023