Editor's Message

Welcome to DBD. 2023 has been the worst year on record for Data-Leaking Ransomware Attacks, which, despite Law Enforcement gains, show no signs of slowing down. On a more positive note, our PRiSM platform continues to gain recognition and is now officially endorsed as a Ransomware Intelligence Resource by the SANS Institute. With that in mind, we would like to take this opportunity to thank you for all your very much appreciated and continued support. Stay safe. :)



Monday 10 May 2021

Data Breaches Digest - Week 19 2021

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 10th May and 16th May 2021.


16th May

After dropping support for ransom payments, AXA struck by ransomware in Asia

AXA division in Asia hit by ransomware cyber attack

Colonial Pipeline attack: A 'wake up call' about the threat of ransomware

DarkSide ransomware gang shuts shop following ‘law enforcement request’

Galway University Hospitals and Portiuncula University Hospital issue update on disruption to services

Hackers find easy prey as U.S. ignores one warning after another

Herff Jones credit card breach impacts college students across the US

How ransomware ecosystem operates

How to Stop Ransomware Attacks

How the Ransomware attack on the HSE will affect services in Offaly this week

More ransomware websites disappear in aftermath of Colonial Pipeline hack

Nearly 90% Of All US Cyberattacks Have Come From Within the Country

Ransomware attack - the impact on hospital services at Galway University Hospitals

Ransomware attack continuing to have considerable impact on services at Mayo University Hospital

The bizarre story of the inventor of ransomware

Updated information on hospital service cancellations at Letterkenny University Hospital (LUH)

US Feds say a lack of reporting poses barrier to cyber defence

US pipeline operator back to normal

Yes, Windows 10 Has Ransomware Protection: Here’s How To Turn It On

15th May

$81 Million crypto already stolen in 2021

200,000 Veteran’s Medical Records may Have Been Stolen by Ransomware attackers

Apple rejected over 215,000 apps in 2020 for privacy violations

Colonial Pipeline paid a $5 million ransom - and kept a vicious cycle turning

Colonial Pipeline restarts operations after ransomware attack led to gasoline shortages

Colonial Pipeline resumes 'normal operations'

DarkSide Drama Isn’t The Death Of Ransomware - It’s Not Even The Death Of DarkSide

DarkSide extracts $4.4m ransom from German chemical distribution company

Disruption to Sligo Hospital services expected to continue next week

Doctors locked out of x-rays, test results and medical records

Hacked US energy pipeline on track to restore full service but shortages persist

Hackers threaten to release police records, knock 911 offline

How to Activate the Security Features on Microsoft 365

HSE issues statement on the impact of ransomware attack for patients of Portlaoise, Naas and Tullamore hospitals

HSE ransomware attack: All you need to know

HSE ransomware attack: Thousands of appointments to be cancelled into next week

Ireland shuts down health IT system after ransomware attack

Ireland's health service shut down after 'serious' ransomware attack

Ireland’s Health Services hit with $20 million ransomware demand

Montreal library to close until Tuesday due to daycare data breach

National Cyber Defense Is a “Wicked” Problem: Why the Colonial Pipeline Ransomware Attack and the SolarWinds Hack Were All but Inevitable

Nigeria: Federal Government warns about new Cyberattack strategies used by hackers

NSW Labor warns members their data could end up online after hacker’s deadline passes

Pipeline Attack Stirs Debate on Whether Insurance Lures Hackers

Pipeline operator says ‘normal operations’ have resumed

Ransomware Actor Hit Insurance Giant AXA Following Decision to Stop Ransomware Reimbursements

Ransomware gangs have eyes on the UAE, with more tricks up their sleeves

Ransomware group says it released 'full data' on DC police department

Scripps Health ransomware shutdown hits the two-week mark

South Korea clamps down on digital currency phishing activities

Telephone System At University Hospital Limerick Affected By HSE Ransomware Attack

The Colonial Pipeline Attack Is a Dark Omen

Theft of personal information in the University of California (UC)

There’s a Simple Way Websites Can Identify Anonymous Users Across Different Browsers

To protect all of us, government and business had better step up cybersecurity

US pipeline resumes 'normal operations' after ransomware attack

14th May

2021 Verizon Data Breach Investigations Report Proves That Cybercrime Continued to Thrive During the Pandemic

A cyber-threat odyssey: Identifying geography, network characteristics of phishing attacks

A Toshiba business unit says it has been attacked by hacking group DarkSide

Adopting zero trust architecture can limit ransomware’s damage

After the Colonial Pipeline attack, here’s what everyone should know about ransomware

Australian Signals Directorate (ASD) knows who attacked the Australian Parliament House (APH) email system but isn't revealing who

Bitcoin extortion: How cryptocurrency has enabled a massive surge in ransomware attacks

City of Trenton Stops Sophisticated Vendor Phishing Scam in Its Tracks

Colonial Pipeline hack similar to Logansport ransomware attack

Court Sentences Man Who Stole $700K in City Phishing Scam

Critical Infrastructure Remains At Risk Following Ransomware Attack

Cross-browser tracking vulnerability tracks you via installed apps

Cyber attack 'most significant on Irish state'

Cybersecurity Experts Call for Stronger Action to Disrupt Ransomware 'Business Model'

DarkSide Added ‘Toshiba France’ to Its Victim List but It Could Be the Last One

DarkSide explained: The ransomware group responsible for Colonial Pipeline attack

DarkSide Ransomware Group Loses Server Access After US Moves to Disrupt Operations

DarkSide ransomware servers reportedly seized, operation shuts down

DarkSide Ransomware Suffers ‘Oh, Crap!’ Server Shutdowns

DC Police Victim Of Massive Data Leak By Ransomware Gang

Echelon Fitness Leaks PII of Customers Through Severely Insecure API

Executive impersonation attacks increased substantially between Q1 2020 and Q1 2021

Gary rebuilds servers following ransomware attack

Hackers Post Personal Data of D.C. Police Officers Following Ransomware Attack

Here’s How Much Your Personal Information Is Worth to Cybercriminals – and What They Do with It

How ransomware became a disruptive and lucrative form of cybercrime

How the Colonial Pipeline hack is part of a growing ransomware trend in the US

How to protect yourself from ransomware

How to select a cybersecurity framework to protect your greatest assets: People, property and data

How Zero Trust Security Can Protect Against Ransomware

HSE shuts down IT systems after ransomware attack by ‘international criminals’

Ireland will not pay ransom after health service cyber attack

Ireland’s Healthcare System’s IT Offline Following Ransomware Attack

Irish Health IT services shut down over ‘significant ransomware attack’

Irish Health Service Hit by 'Very Sophisticated' Ransomware Attack

Irish healthcare shuts down IT systems after Conti ransomware attack

Learning from cyber attacks could be the key to stopping them

Lemonade Denies “Unforgivably Negligent” Security Gaffe

Microsoft Alerts Aviation and Travel Firms to RAT Campaign

New Magecart Group 12 Campaign Is Deploying PHP-Based Skimmer

North Carolina moves toward ban on ransomware payments

Pipeline Ransomware Shows Dangers of Unsecured Infrastructure

QNAP warns of eCh0raix ransomware attacks, Roon Server zero-day

Questions raised on Rensselaer Polytechnic Institute (RPI) response to data breach

Ransomware: Survive by Outrunning the Guy Next to You

Ransomware ads now also banned on Exploit cybercrime forum

Ransomware attack causing serious disruption in Galway hospitals

Ransomware attack disrupts Irish health services

Ransomware Attacks Growing More Profitable

Ransomware attacks on Irish health services & Colonial Pipeline cause major disruptions to critical services

Ransomware gangs disrupted by response to Colonial Pipeline hack

Ransomware took down the Colonial Pipeline. You could be at risk too

Ransomware’s New Swindle: Triple Extortion

Rapid7 Admits Codecov Trouble but Says Code Hasn’t Been Affected

Rapid7 Source Code Accessed in Cyber-attack

Rapid7 source code, alert data accessed in Codecov supply chain attack

Report finds ransomware hitting manufacturers hardest

Researchers design a way to make encrypted keys harder to crack

RevengeRAT and AsyncRAT target aerospace and travel sectors

Russian-language cybercriminal forum ‘XSS’ bans DarkSide and other ransomware groups

‘Scheme Flooding’ Allows Websites to Track Users Across Browsers

Scripps ransomware shutdown hits the two-week mark

'Significant' ransomware attack forces Ireland's health service to shut down IT systems

Small business agency SEDA taken down in ransomware attack

Solving the Ransomware Crisis

Sophisticated Actors Refresh Their ‘SombRAT’ Backdoor to Hide Better Following Analysis

Taoiseach insists Ireland will not pay ransom after HSE cyber attack

The 5 Key Ransomware Questions CEOs Should Be Asking CIOs Now

To Pay or Not to Pay? The Dilemma for Ransomware Victims

Toshiba hit by ransomware in suspected DarkSide attack

Toshiba unit struck by DarkSide ransomware group

Toshiba's French unit hit by DarkSide ransomware attack

US fuel pipeline 'paid hackers $5m in ransom'

US pipeline ransomware attack serves as fair warning to persistent corporate inertia over security

Verizon: Pandemic Ushers in ⅓ More Cyber-Misery

Verizon’s 2021 Data Breach Investigations Report (DBIR): Phishing and ransomware threats looming ever larger

What is AppSec? The Challenges and Rewards

What is DARKSIDE, the cybercriminal ransomware group that has the world on alert?

When exploit code precedes a patch, attackers gain a massive head start

13th May

3 areas of implicitly trusted infrastructure that can lead to supply chain compromises

A Cyber Executive Order For the 21st Century

Apple’s ‘Find My’ Network Exploited via Bluetooth

Attackers abuse Microsoft dev tool to deploy Windows malware

Babuk Leaks the Entire Data Set Stolen From D.C. Metro Police Three Weeks Ago

Beyond MFA: Rethinking the Authentication Key

Biden Administration Signs Comprehensive Cybersecurity Executive Order

Biden Executive Order Mandates Zero Trust and Strong Encryption

Biden's executive order faces challenges trying to beef up US cybersecurity

Chemical distributor pays $4.4 million to DarkSide ransomware

Cisco fixes 6-month-old AnyConnect VPN zero-day with exploit code

Cloud compromise now the biggest cybersecurity issue for financial institutions

Colonial hack: Biden orders tightening of cyber-defences

Colonial Pipeline Attackers Linked to Infamous REvil Group

Colonial Pipeline paid close to $5 million in ransomware blackmail payment

Colonial Pipeline restores operations, $5 million ransom demanded

Colonial Pipeline Shells Out $5M in Extortion Payout

Consumers aware of travel cyber risks, still not putting their digital wellness first

Consumers Unforgiving of Merchants’ Data Failings

Cyber-attacks Cost Small US Businesses $25k Annually

Cybercriminals exploit these cognitive biases the most

Cybersecurity Executive Order requires new software security standards

DC police suffer ‘massive’ info leak after ransomware attack

Fake Cryptocurrency Apps on iOS and Android Defrauding Asian Users

Four Years On: Two-thirds of Global Firms Still Exposed to WannaCry

Fresh Loader Targets Aviation Victims with Spy RATs

Gary, Indiana hit with ransomware attack on city's government computers

Hacking MFA the Technical Way and How to Guard Against These Attacks

How to Protect Structured and Unstructured Data

Insurance giant CNA fully restores systems after ransomware attack

Interpol Launches African Cybercrime Initiative and Operations Desk

Learnings from the Colonial Pipeline cyberattack: focus on the 98% of attacks, not the 2%!

Meet Lorenz - A new ransomware gang targeting the enterprise

Microsoft build tool abused to deliver password-stealing malware

Microsoft Security Intelligence exposes phishing scheme that could be affecting you right now

Microsoft warns: Watch out for this new malware that steals passwords, webcam and browser data

Microsoft's new security feature locks hackers out with GPS

Old bugs exposing all WiFi enabled devices to FragAttacks

Organizations using Microsoft 365 experience more breaches, with more severe impacts

Pennsylvania attorney general investigating massive coronavirus contact tracing data breach

Phishing, ransomware, web app attacks dominate data breaches in 2021, says Verizon Business Data Breach Investigations Report

Pipeline Update: Biden Executive Order, DarkSide Detailed and Gas Bags

Popular Russian hacking forum XSS bans all ransomware topics

President Biden signs executive order to strengthen U.S. cybersecurity defenses

Ransomware: How the NHS learned the lessons of WannaCry to protect hospitals from attack

Ransomware Going for $4K on the Cyber-Underground

Rapid7 source code, credentials accessed in Codecov supply-chain attack

Record Number of Breaches Detected Amid #COVID19

Top security threats for power plants and how to proactively avoid them

Trailer maker Utility targeted in ransomware attack

Wi-Fi vulnerability may put millions of devices at risk

12th May

328 weaknesses found by Western Australia Auditor-General in 50 local government systems

All Wi-Fi devices impacted by new FragAttacks vulnerabilities

Apple failed to disclose security incident affecting 128 million users in 2015

Apple Mum on 128 Million Users Hack

Are Cybercriminals Evil or Greedy?

Babuk Gang: The Rising Threat on Cyber Security Landscape

Biden issues executive order to increase U.S. cybersecurity defenses

Blurred WFH lines create cybersecurity challenges for companies

DarkSide Offered Ransomware-as-a-Service Before Pipeline Attack

FBI, CISA publish alert on DarkSide ransomware

Foreign Secretary issues warning to Russia on ransomware

Government lays out plans to protect users online

Greek Hemodialysis Unit Operator Hit by Ransomware Gang That Threatens DDoSing

Half of Government Security Incidents Caused by Missing Patches

Home Working Parents and Young Adults Are Most Risky IT Users

How to prevent another Colonial Pipeline ransomware attack

How to prioritize patching in the exploit storm

Microsoft: Threat actors target aviation orgs with new malware

Microsoft 365 email data breaches take center stage amid WFH in a new report

Microsoft shares details of malware attack on aerospace, travel sector

Most enterprise cybersecurity teams lack the ability to remediate risk

Navigating the waters of maritime cybersecurity

New ransomware: CISA warns over FiveHands file-encrypting malware variant

Not again! Another Phishing Simulation Goes Awry

Pet and shopping scams surge during pandemic

Phishers using Zix to “legitimize” emails in the eyes of Office 365 users

Police Doxxed After Ransom Dispute

Ransomware attackers are now using triple extortion tactics

Ransomware Attacks on Municipalities Continue

Ransomware-hit Colonial Pipeline causes US petrol supply crunch, panic buying

Researchers track down five affiliates of DarkSide ransomware service

Russia must do more to tackle cyber criminals operating from within its borders, says UK

Scammers aren’t always who we expect them to be: How AI and biometrics can help

Security awareness training doesn’t solve human risk

Study reveals growing cybersecurity risks driven by remote work

Tens of Thousands of VoIP Devices From Around the Globe Are Publicly Exposed

The perils of lax security hygiene and what organizations can do about it

Time to patch against FragAttacks but good luck with home routers and IoT devices

Trust Wallet, MetaMask crypto wallets targeted by new support scam

What the pipeline attack means for critical infrastructures

When the adversarial view of the attack surface is missing, DX becomes riskier

Why VPN Is Vital in Securing Your Online Privacy

11th May

90% of security leaders view bot management as a top priority

A simple guide to keeping customers safe on your website

Adobe fixes Reader zero-day vulnerability exploited in the wild

Amazon Fake Reviews Scam: What The Data Breach Revealed

America’s largest fuel pipeline has been shut since Friday after a ransomware attack. What’s going on?

Avaddon ransomware targeting Australian organisations

AXA to Stop Reimbursing Ransom Payments

Colonial Pipeline ransomware hack and gas shortage: What you need to know

Colonial Pipeline ransomware attack has grave consequences

Connected and Automated Mobility (CAM) sector cybersecurity challenges and how to mitigate them

Cyber security: Learn to protect yourself from phishing attacks

Energy Tech Firm Hit in Ransomware Attack

Everything you need to know about the Colonial Pipeline ransomware attack

Expect Ransomware Attacks to Be Common Under Biden

FBI names pipeline cyberattackers

Hacker downloads files of 5,000 children from La Place 0-5, including son of family minister

How a cyberattack on a major pipeline is affecting gas prices

Industrial Cybersecurity: Guidelines for Protecting Critical Infrastructure

It’s not just Scripps. Ransomware has become rampant during pandemic

Japanese Manufacturer Yamabiko Targeted by Babuk Ransomware

Kansas Identity Theft Spike Could Be Linked to Data Breach

New Android Malware Called ‘TeaBot’ Is Spreading in Europe

New Android malware targeting banks in Italy, Spain, Germany, Belgium, and the Netherlands

New Android malware TeaBot found stealing data, intercepting SMS

Norwegian firm shows how ransomware attack should be handled

Now ransomware is inundating public school systems

Panda Stealer targets cryptocurrency wallets and VPN credentials via malicious XLS attachment

Pipeline attack highlights ransomware threats to infrastructure

Ransomware: Don't pay up, it just shows cyber criminals that attacks work, warns Home Secretary

Ransomware Attack on Colonial Again Shows U.S. Ignores Warning After Warning

Ransomware crisis hits oil pipeline

Ransomware gang leaks data from Metropolitan Police Department

Ransomware gang releases DC police records

Security Vs. Convenience: Navigating the Mobile World

Six cyber security tips to keep your workspace safe

The best CISOs think like Batman, not Superman

The Colonial Pipeline ransomware attack and the SolarWinds hack were all but inevitable – why national cyber defense is a ‘wicked’ problem

The many sides of DarkSide, the group behind the Colonial Pipeline ransomware attack

The Top 5 Considerations That Should Guide Your SOC Strategy in 2021 and Beyond

This one change could protect your systems from attack. So why don't more companies do it?

Thousands of patient records exposed after ransomware attack on CaptureRx

Top concerns for IT leaders planning for hybrid workplace environments

Train firm slammed over 'bonus' phishing test

“Treat your data with respect,” ransomware crooks tell hacked DC police

University of California data breach: Sensitive information of staff, students leaked

‘Urgent and aggressive’ action required as ransomware crisis deepens

Virtual terror: Ransomware attack in the US foregrounds the need to better protect key infrastructure

Water regulator has handled more than 20,000 malicious emails in 2021

Why the Colonial Pipeline hack matters

Why threat hunting is obsolete without context

Your Security Awareness Training Isn’t Working

10th May

A picture is worth a thousand words, but to hackers, it’s worth much more

AirTag Jailbroken For The First Time And It Could Be Used For Phishing Attacks By Hackers

Amazon fake reviews scam revealed in data breach with massive potential

Apple kept mum about XcodeGhost malware attack against 128M users

AXA halts ransomware crime reimbursement in France

AXA pledges to stop reimbursing ransom payments for French ransomware victims

Can Organizations Ever Reach a State of Zero Trust?

City of Tulsa's online services disrupted in ransomware incident

City Of Tulsa Says Ransomware Attack Impacting Some Services

Colonial hack: How did cyber-attackers shut off pipeline?

Colonial Pipeline aims to restore operations by end of the week after cyberattack

Colonial Pipeline attack ratchets up ransomware game

Colonial Pipeline looking to 'substantially restore operations by end of week

Colonial pipeline outage caused by 'Darkside' hack

Colonial Pipeline remains offline after ransomware attack

Cyber attack disrupts US fuel supplies

Cyberattack halts pipeline for third day

Cyberattack on US pipeline is linked to criminal gang

Cybersecurity technology is not getting better: How can it be fixed?

DarkSide explained: the ransomware group responsible for Colonial Pipeline cyberattack

‘DarkSide’ Is Probably Responsible for the Ransomware Attack Against Colonial Pipeline

DarkSide ransomware will now vet targets after pipeline cyberattack

Defending against Windows RDP attacks

East Coast Faces Gas Price Spike Due to Ransomware on Pipeline

Exploiting common URL redirection methods to create effective phishing attacks

FBI Confirms Colonial Pipeline Hit by DarkSide Ransomware

Getting a grip on basic cyber hygiene

Google wants to enable MFA by default

How a Hacking Group Did Apple Repair Professionals an Accidental Favor

How do I select a managed cybersecurity solution for my business?

How To Identify and Appoint the Right Security Partner for Your Organization

It's not just Scripps. Ransomware has become rampant in health care during pandemic

Japanese Power Tool Maker ‘Yamabiko’ Claimed as Victim by Babuk

Kaspersky says scamming activities around COVID-19 vaccines intensified in Q1 2021

Lemon Duck hacking group adopts Microsoft Exchange Server vulnerabilities in new attacks

Lessons learned from the iPhone call recording app vulnerability

Malicious COVID-19 vaccine SMS that compromises Android phones spreading

Malicious UK Website Takedowns Surge 15-Fold in 2020

Mobile phishing has seen a huge rise in some industries

Nationwide Utilities Down Due to Ransomware Attack on Cloud Provider ASAC

New South Wales Government Tables Revolutionary Data Breach Disclosure Bill

No Room for Medieval Thinking in Ransomware

Of Pipelines And Cybersecurity

Over 25% Of Tor Exit Relays Spied On Users' Dark Web Activities

Parent slams data breach at Southchurch High School, Southend

Peloton's Data Breach Is a Reminder to Lie Whenever You Can

Phishing scam impersonating myGov to harvest personal details

Pipeline hit by cyberattack could be back by week’s end

Pipeline ransomware attack: US invokes emergency transport rules to keep fuel flowing

Ransomware: Survive by outrunning the guy next to you

Ransomware attack on healthcare admin company CaptureRx exposes multiple providers across United States

Ransomware attack on critical pipeline fuels worry of transport chaos

Ransomware Attack On Pipeline Company Could Cause Fuel Shortages And Higher Prices On The East Coast

Ransomware Attack Targeting Colonial Pipeline Shuts Fuel Shipments Across Eastern U.S.

Ransomware attacks hit 'under-resourced' city governments hardest, says cybersecurity expert whose kids' school was shut down by hackers for 4 days

Ransomware Takes Down East Coast Fuel Pipeline

Report Quantifies the True Cost of Ransomware

Russian criminal group suspected in Colonial pipeline ransomware attack

Scammers pose as non-existent “Massachusetts DMV” employees in new phishing scam

Security and Privacy Challenges Threaten to Ground Vaccine Passports

Shedding Light on the DarkSide Ransomware Attack

South Korea Deploying System to Monitor Crypto Phishing

Staff Bonus was “Crass” Phishing Simulation

The Colonial Pipeline ransomware attack and the SolarWinds hack were all but inevitable - why national cyber defense is a 'wicked' problem

The Dystopic Future of Cybersecurity and the Importance of Empowering CISOs

The fight for your data: mitigating ransomware and insider threats

The Underbelly of Ransomware Attacks: Local Governments

This security project has taken down 1.5 million scam, phishing and malware URLs in just one year

Top 5 things to know about web shells

UK/US: Patch These 11 Bugs Now to Thwart Russian Spies

University Cancels Exams After Cyber-Attack

US and Australia warn of escalating Avaddon ransomware attacks

US passes emergency waiver over fuel pipeline cyber-attack

West Midlands Railway sent staff fake bonus email in cyber-security test

What is ransomware? Everything you need to know about one of the biggest menaces on the web

Work to secure U.S. pipelines after Colonial ransomware cyberattack shuts down supply