First American Financial takes systems offline after cyber incident

The incident comes just weeks after the title insurance firm reached a $1 million settlement with New York state financial regulators for a massive 2019 data breach that impacted 885 million customer records.

By David Jones • Updated Dec. 27, 2023

Notorious ransomware group tussles with law enforcement, regenerates after takedown

The on-again, off-again appearance of AlphV’s threats on the dark web underscore the difficulties law enforcement agencies confront in their disruption efforts.

By Matt Kapko • Dec. 20, 2023

Explore the Trendline➔

Top 5 stories from Cybersecurity Dive

A wave of rules, regulations and federal action is putting pressure on businesses to shore up security amid a backdrop of emboldened threat actors has a nice ring to it.

By Cybersecurity Dive staff

US leads AlphV ransomware infrastructure takedown

Law enforcement released a decryptor for the prolific threat group and ransomware affiliate service behind some of 2023’s most high-profile attacks.

By Matt Kapko • Dec. 19, 2023

Comcast’s Xfinity discloses massive data breach linked to CitrixBleed vulnerability

The breach, involving 35.9 million customers, took place just a week after Citrix released a patch for a critical flaw.

By David Jones • Dec. 19, 2023

Cyberattack on VF Corp. disrupts order fulfillment

The attack on the company last week, which owns Vans and The North Face, also resulted in data theft. 

By Laurel Deppen • Dec. 18, 2023

Mr. Cooper cyberattack hits every current — and former — customer

The mortgage servicer expects vendor expenses related to its response and recovery to reach $25 million this quarter. Almost 14.7 million people were impacted.

By Matt Kapko • Dec. 18, 2023

State-linked cyber actors behind SolarWinds plant seeds for new malicious campaign

U.S. authorities are raising alarms that the 2020 Sunburst attack threat actors are exploiting a CVE in JetBrains TeamCity in preparation for future supply chain compromises.

By David Jones • Dec. 15, 2023

Kraft Heinz probes ransomware attack claim

The food and beverage company attributed the potential attack to a decommissioned marketing site and said internal systems are operating normally.

By Matt Kapko • Dec. 15, 2023

Credit unions recover from outages caused by third-party ransomware attack

While Ongoing Operations said some of its data was compromised and notified impacted customers, credit unions have yet to disclose damages downstream.

By Matt Kapko • Dec. 14, 2023

Check Point Software in SEC settlement talks in connection with SolarWinds probe

The cybersecurity firm provided documents and other information related to the 2020 supply chain hack of the SolarWinds Orion platform.

By David Jones • Dec. 13, 2023

Henry Schein says 29K people affected in September cyberattack

The ransomware group AlphV/BlackCat claimed responsibility for the data breach and a second incident involving the company.

By Susan Kelly • Dec. 11, 2023

Red Roof claims cybersecurity incident did not involve guest data

The hotel company experienced a ransomware attack in September that targeted personal data.

By Jenna Walters • Dec. 11, 2023

Norton Healthcare ransomware attack exposes 2.5M people

Ransomware attacks are soaring in the healthcare sector, impacting more than 88 million people in the first 10 months of 2023, according to HHS.

By Matt Kapko • Dec. 11, 2023

White House wants to set minimum cyber standards for hospitals, healthcare

The sector has faced a wave of ransomware linked to the critical CitrixBleed vulnerability, which has led to major attacks from LockBit and other threat groups.

By David Jones • Dec. 11, 2023

Court approves Cargill’s $2.4M settlement of Kronos outage wage claims

Employees alleged that the Kronos Private Cloud ransomware attack resulted in unpaid wages and overtime, among other damages.

By Ryan Golden • Dec. 8, 2023

Data breaches fallout reach new heights as the number of exposed records soars

The increased threat to and exposure of personal data is linked to two key factors: a rise in ransomware and attacks against vendors, an MIT study found.

By Matt Kapko • Dec. 8, 2023

Fidelity National Financial still assessing cyberattack impact, but is insured

The company acknowledged real estate closings were briefly impacted, however committed to protect customer data and prioritize cybersecurity investments.

By David Jones • Dec. 7, 2023

Water utility cyberattacks underscore ongoing threat to OT

U.S. officials urged water utilities and industrial sites to employ basic configuration safeguards like securing internet-facing devices and changing default passwords following a series of attacks.

By David Jones • Dec. 5, 2023

Payments processor Tipalti investigating ransomware attack

The AlphV ransomware group claimed responsibility for the attack on Saturday and threatened to extort Tipalti customers with allegedly stolen data.

By Matt Kapko • Dec. 4, 2023

Dozens of credit unions confront outages linked to third-party ransomware attack

CitrixBleed ensnared another industry, leading to a network incident at Ongoing Operations, which provides business continuity services.

By Matt Kapko • Dec. 4, 2023

Fidelity National Financial restoring operations after containing cyberattack

The company, one of the largest title insurance firms in the U.S., is still assessing whether the attack will have a material impact on its business.

By David Jones • Dec. 4, 2023

Staples hit by cyberattack during critical Cyber Week sales push

The office supply retailer expects to fully catch up on back orders after online processing and deliveries were briefly disrupted.

By David Jones • Dec. 1, 2023

Okta again promises it is taking security seriously

CEO Todd McKinnon used the company's earnings call to once again pledge improvements and address a culture of lax security.

By Matt Kapko • Nov. 30, 2023

North Texas water utility the latest suspected industrial ransomware target

Federal authorities are investigating multiple attacks against water and wastewater treatment facilities in the U.S. following an Iran-linked attack in Pennsylvania.

By David Jones • Nov. 30, 2023

MGM CFO expects insurance to cover cyberattack costs

The Las Vegas-based casino and resort operator has pegged the costs of the September cyberattack that temporarily impeded operations at about $100 million. 

By Suman Bhattacharyya • Nov. 29, 2023