Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2022-02-15 10:55:59 |
Morley companies suffers data breach (lien direct) |
A data breach at a business services company based in Saginaw, Michigan may have exposed the personal information of 521,00 people. The attack was detected on August 1 last year when data in the company’s care became unavailable. The breach comes as a direct result of cyber-criminals targeting Morley Companies. Michigan attorney general Dana Nessel confirmed […]
|
Data Breach
|
|
|
|
2022-02-14 12:07:49 |
(Déjà vu) Croatian phone carrier reports data breach (lien direct) |
‘A1 Hrvatska’, a Croatian phone carrier, has disclosed a data breach exposing the personal information of roughly 200,000 of its customers. The organisation has not provided many details outside the fact that they suffered a cybersecurity incident involving the unauthorised access of one of their user databases containing sensitive personal information. The information leaked includes […]
|
Data Breach
|
|
|
|
2022-02-14 11:28:15 |
Sensitive business addresses published in COVID data breach (lien direct) |
The addresses of defence sites, a missile maintenance unit and domestic violence shelters were among the 500,000 addresses leaked by mistake. This is the first major breach of the New South Wales government’s huge store of QR code data. Premier Dominic Perrottet said the information was uploaded in error and “shouldn't have happened”. The mistake […]
|
Data Breach
|
|
|
|
2022-02-12 11:46:51 |
(Déjà vu) Croatian phone carrier A1 Hrvatska discloses data breach (lien direct) |
Croatian phone carrier A1 Hrvatska has disclosed a data breach that has impacted roughly 200,000 customers. Croatian phone carrier A1 Hrvatska has disclosed a data breach that has impacted 10% of its customers, roughly 200,000 people. Threat actors had access to sensitive personal information of the customers, including names, personal identification numbers, physical addresses, and […]
|
Data Breach
Threat
|
|
|
|
2022-02-11 17:15:00 |
Immediata Agrees $1.125m Data Breach Settlement (lien direct) |
Software company agrees to settle class action lawsuit filed by victims of 2019 security breach |
Data Breach
|
|
|
|
2022-02-11 14:29:48 |
Croatian phone carrier data breach impacts 200,000 clients (lien direct) |
Croatian phone carrier 'A1 Hrvatska' has disclosed a data breach exposing the personal information of 10% of its customers, roughly 200,000 people. [...] |
Data Breach
|
|
|
|
2022-02-10 12:59:53 |
Data From Washington Data Breach May Be On \'Dark Web\' (lien direct) |
The personal data of more than 250,000 licensed professionals in Washington may have made it to the “dark web,” where identity thieves gather information to enact their various schemes. Personal information of some of the hundreds of thousands of licensed professionals potentially exposed in a breach of a Washington state database may already have shown […] |
Data Breach
|
|
|
|
2022-02-07 15:49:03 |
Puma hit by data breach after Kronos ransomware attack (lien direct) |
Sportswear manufacturer Puma was hit by a data breach following the ransomware attack that hit Kronos, one of its North American workforce management service providers, in December 2021. [...] |
Ransomware
Data Breach
|
|
|
|
2022-02-07 10:02:00 |
Umbrella company Parasol confirms data breach linked to cyber attack five weeks ago (lien direct) |
Pas de details / No more details |
Data Breach
|
|
|
|
2022-02-04 21:46:06 |
Over 500,000 people were impacted by a ransomware attack that hit Morley (lien direct) |
Business services firm Morley was hit by a ransomware attack that may have exposed data of +500,000 individuals. Business services company Morley was victim of a ransomware attack that may have resulted in a data breach impacting more than 500,000 individuals. Morley Companies is a United States corporation that provides business services to Fortune 500 and Global 100 clients; contact […]
|
Ransomware
Data Breach
|
|
|
|
2022-02-04 20:18:07 |
Report: Data breach numbers may not actually be declining, and reporting them is getting slower (lien direct) |
Flashpoint and Risk Based Security's report found that, despite early reports, the total number of breaches is likely much higher than reported, with the time it takes to report a breach the longest since 2014.
|
Data Breach
|
|
|
|
2022-02-04 16:01:08 |
Business Services Firm Morley Discloses Data Breach Affecting 500,000 People (lien direct) |
Business services company Morley this week announced being targeted in a ransomware attack that may have resulted in the information of more than 500,000 individuals getting stolen.
|
Ransomware
Data Breach
|
|
|
|
2022-02-03 14:00:00 |
New Year, Same Risks? Six Cyber Resilience Resolutions for a Safer 2022 (lien direct) |
2021 was a banner year for cyber attacks. Compared to 2020, last year saw a 50% increase in attacks per week on corporate networks, even as the total cost of managing a cyber attack rose by 10%, according to IBM’s Cost of a Data Breach Report 2021. Add in the ongoing shift to hybrid work […]
|
Data Breach
|
|
|
|
2022-02-02 11:02:58 |
Business services provider Morley discloses ransomware incident (lien direct) |
Morley Companies Inc. disclosed a data breach after suffering a ransomware attack on August 1st, 2021, allowing threat actors to steal data before encrypting files. [...] |
Ransomware
Data Breach
Threat
|
|
|
|
2022-02-02 03:36:43 |
Cynet\'s Keys to Extend Threat Visibility (lien direct) |
We hear about the need for better visibility in the cybersecurity space – detecting threats earlier and more accurately. We often hear about the dwell time and the time to identify and contain a data breach. Many of us are familiar with IBM's Cost of a Data Breach Report that has been tracking this statistic for years. In the 2021 report, IBM found that, on average, it takes an average of 212 |
Data Breach
Threat
|
|
|
|
2022-02-02 02:29:50 |
RIPTA Data Breach Affected About 22,000 People (lien direct) |
A data breach at the state agency that operates Rhode Island's public bus service compromised the personal information of about 22,000 people, agency officials said at a legislative hearing.
|
Data Breach
|
|
|
|
2022-01-31 16:10:58 |
Cyber attacks at an all time high for UK corps (lien direct) |
A new survey of 450 top finance and risk professionals at UK-listed companies have found that nearly two-thirds of organisations have experienced a data breach or cyber attack in the first year and a half of the pandemic. The research also found that the rise in cyber attacks led to the loss of money and […]
|
Data Breach
|
|
|
|
2022-01-27 12:18:42 |
EyeMed agrees $600,000 settlement over 2020 data breach (lien direct) |
The data of roughly 2.1 million individuals was exposed. |
Data Breach
|
|
|
|
2022-01-26 16:45:00 |
EyeMed Fined $600k Over Data Breach (lien direct) |
New York fines healthcare provider over exposure of 2.1 million health records |
Data Breach
|
|
|
|
2022-01-23 19:39:31 |
OpenSubtitles data breach impacted 7 million subscribers (lien direct) |
OpenSubtitles has suffered a data breach, the maintainers confirmed that the incident impacted 7 Million subscribers. OpenSubtitles is a popular subtitles websites, it suffered a data breach that affected 6,783,158 subscribers. Exposed data include email and IP addresses, usernames, the country of the user and passwords stored as unsalted MD5 hashes. The administrator of the […]
|
Data Breach
|
|
|
|
2022-01-21 16:38:00 |
Memorial Health System Confirms Data Breach (lien direct) |
Ransomware attack jeopardizes data of 216K patients of Ohio-based health system |
Ransomware
Data Breach
|
|
|
|
2022-01-20 10:00:00 |
Red Cross: Supply Chain Data Breach Hit 500K People (lien direct) |
International charity pleads with attackers not to leak information |
Data Breach
Guideline
|
|
|
|
2022-01-19 17:30:00 |
(Déjà vu) Ransomware Attack on Moncler (lien direct) |
Luxury fashion brand confirms data breach caused by ransomware attack |
Ransomware
Data Breach
|
|
|
|
2022-01-18 21:58:59 |
AlphV/BlackCat ransomware gang published data stolen from fashion giant Moncler (lien direct) |
Luxury fashion giant Moncler confirmed a data breach after a ransomware attack carried out by the AlphV/BlackCat. Moncler confirmed a data breach after an attack that took place in December. The luxury fashion giant was hit by AlphV/BlackCat ransomware that today published the stolen data on its leak site in the Tor network. In December, malware […]
|
Ransomware
Data Breach
Malware
|
|
|
|
2022-01-18 14:51:50 |
Fashion giant Moncler confirms data breach after ransomware attack (lien direct) |
Italian luxury fashion giant Moncler confirmed that they suffered a data breach after files were stolen by the AlphV/BlackCat ransomware operation in December and published today on the dark web. [...] |
Ransomware
Data Breach
|
|
|
|
2022-01-18 13:35:58 |
Accellion Reaches $8.1 Million Settlement Over FTA Data Breach (lien direct) |
Enterprise content firewall provider Accellion has reached an $8.1 million settlement to end a lawsuit over a data breach involving its legacy file sharing service FTA, Reuters reports.
|
Data Breach
|
|
|
|
2022-01-18 08:17:53 |
GUEST ESSAY: Data breaches across the globe slowed significantly in Q4 2021 versus Q1-Q3 (lien direct) |
After a gloomy start with its first three breach intensive quarters, 2021 has finally ended, and on a positive note.
Related: Cybersecurity experts reflect on 2021
This conclusion is derived from an analysis of data taken from our data breach … (more…) |
Data Breach
|
|
|
|
2022-01-18 04:14:09 |
Additional Healthcare Firms Disclose Impact From Netgain Ransomware Attack (lien direct) |
Healthcare providers Caring Communities and Entira Family Clinics are warning patients that their personal information may have been exposed in a data breach that hit tech vendor Netgain Technology more than a year ago.
|
Ransomware
Data Breach
|
|
|
|
2022-01-17 18:13:00 |
EHR Vendor Faces Legal Action Over Data Breach (lien direct) |
Class action filed against HER vendor QRS over summertime cyber-attack |
Data Breach
|
|
|
|
2022-01-17 17:11:00 |
Accellion Reaches $8.1m Data Breach Settlement (lien direct) |
Tech company proposes agreement to settle FTA data breach class action |
Data Breach
|
|
|
|
2022-01-14 16:13:42 |
Goodwill discloses data breach on its ShopGoodwill platform (lien direct) |
American nonprofit Goodwill has disclosed a data breach that affected the accounts of customers using its ShopGoodwill.com e-commerce auction platform. [...] |
Data Breach
|
|
|
|
2022-01-14 16:04:19 |
The FCC propose new rules for data breach reporting (lien direct) |
The Federal Communications Commission (FCC) has called for more in-depth requirements for data breach reporting in the telecommunications industry. The proposal follows the recent increase of attacks seen in the telecommunications sector. The proposal was shared on Wednesday by the Chairwoman of the FCC, Jessica Rosenworcel, in a Notice of Proposed Rulemaking (NPRM). The proposal […]
|
Data Breach
|
|
★★★★★
|
|
2022-01-13 19:20:00 |
FCC Proposes Stricter Data Breach Reporting Requirements (lien direct) |
Commission wants companies to notify customers of “inadvertent” breaches |
Data Breach
|
|
★★★★
|
|
2022-01-13 17:36:10 |
FCC Chair Proposes New Policies for Carrier Data Breach Reporting (lien direct) |
Federal Communications Commission (FCC) chairwoman Jessica Rosenworcel this week proposed updated policies around telecom providers' reporting of data breaches.
|
Data Breach
|
|
|
|
2022-01-13 16:39:48 |
FCC wants new data breach reporting rules for telecom carriers (lien direct) |
The Federal Communications Commission (FCC) has proposed more rigorous data breach reporting requirements for telecom carriers in response to breaches that recently hit the telecommunications industry. [...] |
Data Breach
|
|
|
|
2022-01-12 21:00:00 |
Clinical Review Vendor Reports Data Breach (lien direct) |
Nearly 135K individuals impacted by cyber-attack on Medical Review Institute of America |
Data Breach
|
|
|
|
2022-01-12 16:00:00 |
Anomali Cyber Watch: FluBot, iOS, Ransomware, Zloader, and More (lien direct) |
The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, Data breach, Phishing, Ransomware and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
Attack Misuses Google Docs Comments to Spew Out “Massive Wave” of Malicious Links
(published: January 7, 2022)
Security researchers have seen a very large number of attacks leveraging the comment features of Google Docs to send emails to users containing malicious content. The attackers can create a document, sheet, or slides and add comments tagging any user's email address. Google then sends an email to the tagged user account. These emails come from Google itself and are more likely to be trusted than some other phishing avenues.
Analyst Comment: Phishing education can often help users identify and prevent phishing attacks. Specific to this attack method, users should verify that any unsolicited comments that are received come from the user indicated, and if unsure, reach out separately to the user that appears to have sent the comment to verify that it is real. Links in email should be treated with caution.
MITRE ATT&CK:[MITRE ATT&CK] Masquerading - T1036 | [MITRE ATT&CK] Phishing - T1156
Tags: Google, Impersonation, Phishing
Finalsite Ransomware Attack Forces 5,000 School Websites Offline
(published: January 7, 2022)
Finalsite, a firm used by schools for website content management, design, and hosting, has been hit by an unknown strain of ransomware that affected approximately 5,000 of their 8,000 customers. The company has said in a statement that many of the affected sites were preemptively shut down to protect user's data, that there is no evidence of that data was breached (although they did not confirm that they had the needed telemetry in place to detect that), and that most of the sites and services have been restored.
Analyst Comment: Verified backup and disaster recovery processes are an important aspect of protecting organizations and allowing for remediation of successful attacks. Monitoring and telemetry can aid in detection and prevention from attacks, and provide evidence as to whether data has been exfiltrated.
MITRE ATT&CK:[MITRE ATT&CK] Web Service - T1102 | [MITRE ATT&CK] Data Encrypted for Impact - T1486
Tags: Education, Finalsite, Ransomware, Web hosting
FluBot’s Authors Employ Creative and Sophisticated Techniques to Achieve Their Goals in Version 5.0 and Beyond
(published: January 6, 2022)
Security researchers have analyzed a new and more sophisticated version of the FluBot Android malware first detected in early 2020. Once installed on a device, the malware can full |
Ransomware
Data Breach
Malware
Tool
Vulnerability
Threat
Guideline
|
|
|
|
2022-01-12 14:44:51 |
Hackers raided Panasonic server for months, stealing personal data of job seekers (lien direct) |
Technology giant Panasonic has confirmed that one of its servers suffered a data breach which saw the personal information of job applicants accessed by an unauthorised party.
Read more in my article on the Hot for Security blog. |
Data Breach
|
|
|
|
2022-01-12 14:06:05 |
Achieve 10X Faster Response Time with Cybereason XDR (lien direct) |
Despite spending millions of dollars on cybersecurity tools over the past few years, most organizations still can't detect or respond to cyber attacks in a reasonable timeframe. According to Verizon's 2021 Data Breach Investigations Report (DBIR), 60% of incidents were discovered within days. However, in 20% of attacks, it took months or longer before organizations realized a breach had occurred. |
Data Breach
|
|
|
|
2022-01-11 11:24:57 |
MRIoA Discloses Data Breach Affecting 134,000 People (lien direct) |
Medical Review Institute of America (MRIoA) on Friday started notifying some individuals that their personal information was compromised in a cyberattack.
|
Data Breach
|
|
|
|
2022-01-10 11:00:00 |
FlexBooker Reveals Major Customer Data Breach (lien direct) |
Nearly four million customers impacted by AWS account compromise |
Data Breach
|
|
|
|
2022-01-07 12:12:38 |
Online Pharmacy Service Ravkoo Discloses Data Breach (lien direct) |
United States-based online pharmacy service Ravkoo this week started notifying patients of a data breach that potentially resulted in the exposure of personal information.
|
Data Breach
|
|
|
|
2022-01-07 09:20:29 |
Over 3.7 million accounts were compromised in the FlexBooker data breach (lien direct) |
The appointment scheduling service FlexBooker discloses a data breach that impacted over 3.7 million accounts. Threat actors compromised the FlexBooker accounts of more than 3.7 million users, the attack took place before the holidays. Stolen data are now available for sale on multiple cybercrime forums. FlexBooker is an online appointment scheduling platform that allows users to […]
|
Data Breach
Threat
|
|
|
|
2022-01-06 18:27:00 |
Investigation Launched into RIPTA Data Breach (lien direct) |
Rhode Island attorney general to probe data breach of the Ocean State's public transit authority |
Data Breach
|
APT 32
|
|
|
2022-01-06 11:48:11 |
US online pharmacy Ravkoo links data breach to AWS portal incident (lien direct) |
Ravkoo, a US Internet-based pharmacy service, has disclosed a data breach after the company's AWS hosted cloud prescription portal was involved in a security incident that may have led to personal and health information being accessed. [...] |
Data Breach
|
|
|
|
2022-01-05 19:46:00 |
Morgan Stanley Agrees to Data Breach Settlement (lien direct) |
American company willing to pay $60M to settle allegations of data safeguarding failures |
Data Breach
|
|
|
|
2022-01-05 11:19:41 |
Morgan Stanley agrees to $60 million settlement in data breach lawsuit (lien direct) |
Customer data was held on legacy equipment that was later sold on without being wiped. |
Data Breach
|
|
★★★★
|
|
2022-01-05 10:58:58 |
(Déjà vu) Broward Health Data Breach Impacts 1.3 Million People (lien direct) |
More than 1.3 million people were impacted in a data breach at Broward Health, the Florida hospital system has revealed.
|
Data Breach
|
|
|
|
2022-01-04 21:43:18 |
What to Do If You\'re Caught Up in a Data Breach (lien direct) |
It happens with more regularity than any of us like to see. There's either a headline in your news feed...
|
Data Breach
|
|
★★
|
|
2022-01-04 21:05:11 |
UScellular discloses the second data breach in a year (lien direct) |
UScellular, one of the largest wireless carriers in the US, has disclosed a data breach after the hack suffered in December 2021. UScellular has disclosed a data breach after the attack that compromised the company’s billing system in December 2021. United States Cellular Corporation, is the fourth-largest wireless carrier in the United States, with over […]
|
Data Breach
Hack
|
|
|