Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 29th April and 5th May 2024.
5th May
APT28: Hacker group attacks Germany and Czech Republic
Bitfinex CTO Dismisses Breach Claims as ‘Pure FUD,’ Says No Group Has Asked for Ransom
Bitfinex Data Breach Raises Concerns Amid Doubts on Hack’s Veracity
BitFinex narrowly escapes a major cyber attack, the hackers were bluffing
Change Healthcare hit by new cyberattack
Crypto Exploiters Utilize Uniswap for Phishing Attacks
Cybersecurity researchers find that fake USPS phishing sites account for at least as much internet traffic as the Postal Service itself
Dawson Creek among British Columbia libraries breached as hackers demand ransom after taking emails, phone numbers
Disabled woman horrified after Scottish prisoner given her details in data breach
Finland warns of Android malware attacks breaching bank accounts
From teenage cyber-thug to Europe’s most wanted
Germany accuses Russia of 2023 cyber attack and promises ‘consequences’
LockBit's seized darknet site resurrected by police, teasing new revelations
Millions of Spanish Individuals’ Data at Risk: Threat Actor Claims Unauthorized RDP Access of a Spanish Company
More than 380,000 additional New York City students had personal info hacked, bringing total to over 1 Million
Preventable Cyber Attack Impacts Io.net
Ransomware attacks in Singapore businesses decline this year
Ransomware drama: Law enforcement seized Lockbit group’s website again
Rise in ransomware: UnitedHealth’s 2.2M cyber attack and the urgency of robust cybersecurity measures
Your credit card data and other personal info is at risk if you respond to this fake Netflix email
4th May
Alleged Data Breach at This Giant Cryptocurrency Exchange
Bitfinex CTO denies new allegations of user data hack, assures funds are secure
Bitfinex CTO denies rumors of data breach from ransomware group
Bitfinex Suffers Data Breach, Tether CEO Says “Seems Fake”
Canada: Data breach at Cariboo library system
From A 13-Year-Old Hacker To Europe's Most Wanted 11 Years Later
Hacker strikes some British Columbia libraries
How does a data breach affect you and why should you care?
Iranian hackers pose as journalists to push backdoor malware
Italian energy giant Eni reports cyber attack on Mellitah Company
London Drugs begins 'gradual reopening' on 7th day after cyberattack
London Drugs to re-open stores gradually following last week's cyber attack
Massive Data Breach Affects Victims of Family Violence and Sexual Assault in Victoria
Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities
New Goldoon Botnet Targeting D-Link Devices by Exploiting 9-Year-Old Flaw
Russian gang behind hack exposing family violence victims, government agencies
Singapore law firm allegedly paid ransom of S$1.89 million after being hit by cyber attack
Sydney Man Expected To Be Charged With Blackmail After Major Data Breach Investigation
Tamil Nadu Police Facial Recognition Portal Allegedly Breached, Exposing Millions of Records, Including Police Personnel Data
Threat Actor Allegedly Leaked Database of ISHOPPING.PK
WBTC Investor Loses $71 Million in Deceptive Phishing Attack
ZircoDATA hit by Black Basta ransomware in Feb, disclosure by government cyber-security czar in May
3rd May
9 in 10 Attacks Start With Phishing: Can AI Save The Day?
38 New Ransomwares are Detected by Malware Researchers in April
68% of Data Breaches Occur Due to Social Engineering Attacks
93% of security leaders have increased SaaS security budgets
Airsoft Data Breach Exposes Data of 75,000 Players
Android apps with 4 Billion installs leave open doors to code execution attacks
Android bug can leak DNS traffic with VPN kill switch enabled
Anonymous Collective Has Announced That the Group Will Target Saudi Arabia in the Cyber Realm
Australia: Canberra club members believed to be spared worst of data breach
Australia: Cybercrime detectives charge man with blackmail over an alleged data breach affecting NSW and ACT club patrons
Australia: Fairfield man released on bail after blackmail charge over data breach
Australia: Major Data Breach On Pub And Club Patrons
Australia: Man charged with blackmail over data breach of one million club patrons
Australia: New South Wales (NSW) Police Make Arrest in Clubs NSW Data Breach
Australia: NSW clubs’ data breach - 1,050,169 members affected
Australia: Qantas data breach
Australia: Revenge of the unpaid developers sees details of a million NSW club punters leak on the web
Australian ransomware payments average at $9.27 million
British Columbia library co-op seals leak after hacker obtained data, demanded ransom
Bug hunters can get up to $450,000 for an RCE in Google’s Android apps
Canada: Hacker breaches Cariboo libraries and demands ransom after taking emails, phone numbers
Cariboo Regional District Informed their Library Network Was Impacted By A Data Breach
Criminal assigned to ransomware group receives over 13-year sentence for 2021 incident
Cyber Attack On UnitedHealth Care Could Affect One Third Of U.S.
Cyber Attack Still Impacts San Bernardino County, California, Sheriff
Cybercrime doesn't pay: REvil hacker receives 13-year prison sentence and $16 million fine
Data breach impacts Airsoft community site
Data Breach Shakes UnitedHealth, Implications for American Healthcare
Dirty Stream Flaw Present in Android Apps with Millions of Downloads
Doncaster Council pays out £15K in data breach claims amid ‘worrying’ rise in the UK
Dropbox Data Breach Exposes Customer Data And More Details: Here's What The Company Said
Dropbox discloses data breach in electronic signature service
Email security loopholes are latest path for North Korean social engineering attacks
European raids shut down call centers used to ‘shock and cheat’ victims
Exploiter Steals $68M Worth of Crypto Through Address Poisoning
F Society Targets Rutgers University, Bitfinex in Latest Cyberattack
Feds warn of new Kimsuky phishing attack techniques
FIN7 Cybercrime Group Strikes US Auto Sector Using Carbanak
Five Families Back? Ransomware Group Claims Attacks on UAE Entities
Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks
Germany accuses Russian-backed APT28 of cyber attack on SPD
Germany Blames Russia for Cyberattack Targeting Ruling Party SPD
Germany blames Russia for 'intolerable' cyber attack
Germany Blames Russia for 'Intolerable' Cyber Attack on SPD Members
Germany says Russia behind massive cyberattack last year after Berlin decided to send Ukraine tanks
Germany summons Russian envoy over 2023 cyber-attacks
Germany summons Russian envoy over alleged cyberspying
Germany summons Russian envoy over Fancy Bear hacking
Germany warns of consequences for alleged Russian cyber attack
Global ransomware attacks grew by 53% in 2023
Google Announces Passkeys Adopted by Over 400 Million Accounts
Guernsey: Deputy faces 'formal reprimand' for data breach
Hacker breaches British Columbia libraries and demands ransom after taking emails, phone numbers
Hacker breaches British Columbia library system data, demands ransom
Hacker Breaches Dropbox Sign Database, Views Customer Data
Hacker demands ransom from British Columbia libraries after data breach
Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications
Healthcare Provider Kaiser Permanente Discloses Online Tracking Data Breach Impacting 13.4 Million
Hooker Furniture Faces Potential Data Breach as LockBit Claims Cyberattack
Hospital Simone Veil says it won't give in to LockBit group's ransom demand
How to Protect Yourself from Rising Romance Investment Scams
How to spot a phishing email like a cybersecurity expert?
Illinois’ biometric data privacy law could soon be less costly for violators
Indonesia is a Spyware Haven, Amnesty International Finds
‘Junk gun’ ransomware: Peashooters can still pack a punch
Kaiser Permanente data breach may affect 13M+ patients
Kansas District to Mandate Cybersecurity Training After Phishing Attack
Microsoft goes passwordless on all consumer accounts
Microsoft rolls out passkey authentication for personal Microsoft accounts
Microsoft, Google widen passkey support for its users
Most companies changed their cybersecurity strategy in the past year
Mounting global ransomware attacks significantly impact US
MSP Reliable Networks Denies Responsibility for Data Breach
NATO and EU condemn ‘intensifying’ Russian sabotage and hybrid operations
NATO and EU condemn Russia's cyberattacks against Germany, Czechia
Nestle (Brazil) Alleged Data Breach: Threat Actor 888 Exposes Employee Information
NHS Dumfries and Galloway apologises for "anxiety" caused by cyber attack
North Korean Hackers Spoofing Journalist Emails to Spy on Policy Experts
NSA warns of North Korean hackers exploiting weak DMARC email policies
NSA warns users about email attacks by North Korean hacker group
NSA, FBI Alert on North Korean Hackers Spoofing Emails from Trusted Sources
One-fifth of Docker Hub repositories are malicious, researchers find
One-third of Americans may have been victims of a massive health care data breach
Operation Pandora Takes Down a Dozen Fraudulent Call Centers
Panda Restaurant Group says March data breach compromised customers' personal information
Phishing Statistics: The 21 Latest Phishing Stats to Know in 2024
Qantas confirms data breach was not a cyber attack, app back to normal
Qantas confirms technology issue caused data breach that exposed personal information of customers
Ransom recovery costs reach $2.73 million
Ransomware payments rise 500% amid $2.73m recovery costs
REvil hacker Yaroslav Vasinskyi given lengthy prison sentence
Singapore law firm Shook Lin & Bok hit by cyber attack; allegedly paid $1.89m in bitcoin as ransom
State-Sponsored North Korean Hackers Penetrated South Korean Defense Companies, Stole Sensitive Technical Data
Suspect Charged After ClubsNSW Data Breach
Sydney man arrested in connection with major data breach
Sydney man charged with blackmail over clubs data breach
Tech support scams top list of elder fraud, new FBI report
The Post Millennial Allegedly Faces Data Breach as Threat Actor Claims Compromise of Database
U.K., U.S. and Canadian Cyber Authorities Warn of Pro-Russia Hacktivist Attacks on Operational Technology Systems
Ukraine records increase in financially motivated attacks by Russian hackers
Ukrainian Hacker Involved in Kaseya Ransomware Attack Receives 13-Year Sentence
Ukrainian intelligence disrupts Tatarstan’s networks in major cyber attack
Ukrainian REvil Hacker Gets 13 Years in US Prison for His Role in $700M Ransomware Scheme
Under the knife: Healthcare sector grappling with rising ransomware threat
Understanding the Link Between API Exposure and Vulnerability Risks
UnitedHealth data breach should be a wakeup call for the UK and NHS
UserSec Announces High Society Alliance: 20 Hacker Groups Unite to Target NATO and Europe
Verizon 2024 Data Breach Report shows the risk of the human element
What is Cybersecurity Mesh Architecture (CSMA)?
World Password Day: Experts Warn of Weak Passwords, Offer Security Tips
2nd May (World Password Day)
95% of organizations adjusted cybersecurity strategies this past year
2024 Data Breach Investigations Report: Most breaches involve a non-malicious human element
AI-driven phishing attacks deceive even the most aware users
Alleged China-based hackers using ‘Cuttlefish’ malware platform to target Turkey
Android Flaw Affected Apps With 4 Billion Installs
Anonymous Collective Allegedly Conducts DDoS Attacks on Israeli Real Estate Companies
Authorities urging immediate action against pro-Russian hacktivist attacks
Best Practices to Secure your Supply Chains
B1ack’s Stash Market Allegedly Leaked 1 Million Credit Card Information
Cannes hospital responds to LockBit ransom attack demands
Change Healthcare cyberattack fallout continues
Change Healthcare Data Breach May Affect a Third of All Americans - What Happened?
CISA urges software developers to weed out path traversal vulnerabilities
CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability
CL0P Lists McKinley Packing, Pilot, and Pinnacle Engineering as Latest Victims
Continuum Health data breach impacted close to 400,000 patients in the U.S.
Continuum reveals hack exposed 377K Consensus Medical Group patients
Cyber attack forces London Drugs to shutter all Canadian pharmacy stores
Cybersecurity consultant arrested after allegedly extorting IT firm
Data Breach Group UndergroundDataLeaks Increases Data Breach Operations
Data Breach of UAE Government: Massive Security Breach Exposes Sensitive Information
Dropbox Discloses Breach of Digital Signature Service Affecting All Users
Dropbox Reports Breach of Sensitive Authentication Data for its Sign Product
Dropbox says attackers accessed customer and MFA info, API keys
Dropbox Warns Hacker Accessed Customer Passwords And 2FA Data
Financial hacker transfers stolen funds after a year of dormancy
Five Ways to Dramatically Reduce the Risk of Password Compromise
Global Data Breaches and Cyber Attacks in April 2024 - 5,336,840,757 Records Breached
Hacker jailed over $700M REvil ransomware scheme
Hacker Makes Claim of Largest Attack on United Arab Emirates in History
Hacker Sentenced After Years of Extorting Psychotherapy Patients
Hackers Target New NATO Member Sweden with Surge of DDoS Attacks
Hacktivists Claim Cyberattack on Columbia University After Police Crackdown on Protests
Hundred Finance Hacker Resurfaces After Year-Long Hiatus
Investigation uncovers substantial spyware exports to Indonesia
Iranian hackers pose as journalists to breach victim systems
Iranian state-backed cyber spies continue to impersonate media brands, think tanks
Kaseya Ransomware Attacker Sentenced
Ladakh Social Welfare Department Data Hit By Alleged Cyberattack
LockBit publishes confidential data stolen from Cannes hospital in France
London Drugs says ‘no evidence’ of customer data breach amid 5th day of closures
Maine accounting firm sued after data breach exposes personal info of 1.1M people
Massive Data Breach in Australian Facial Recognition System Raises Alarm
Matryoshka 424 Emerges: New Pro-Russian Hacker Group Announces Recruitment Drive
Microsoft warns of "Dirty Stream" attack impacting Android apps
New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials
New "Goldoon" Botnet Targets D-Link Routers With Decade-Old Flaw
New SOHO router malware aims for cloud accounts, internal company resources
New South Wales (NSW) Data Breach May Have Impacted a Million Pub and Club Patrons
Newly identified botnet targets decade-old flaw in unpatched D-Link devices
No MFA, Major Consequences: Simple Security Oversight Led to Change Healthcare Data Breach
NSA security designer goes to jail for sharing top secret files
Organizations patch CISA Known Exploited Vulnerabilities (KEV) list bugs 3.5 times faster than others, researchers find
Outabox Data Breach Exposes PII of more than 1 Million Australian Club Visitors
Panda Express breached, extent still unknown
Police shut down 12 fraud call centres, arrest 21 suspects
Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw
Questions continue regarding Robeson County data breach
Reported Australian biometric data breach prompts arrest and hysteria
REvil hacker behind Kaseya ransomware attack gets 13 years in prison
REvil Ransomware Affiliate Sentenced to Over 13 Years in Prison
Securing your organization’s supply chain: Reducing the risks of third parties
Security Breach Exposes Dropbox Sign Users
Thousands of Airsoft players under threat after data breach
Three-Quarters of CISOs Admit App Security Incidents
Two years in, Google says passkeys now protect more than 400 million accounts
Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million
Ukrainian sentenced to almost 14 years for infecting thousands with REvil ransomware
Understanding Scattered Spider, and how they perform cloud-centric identity attacks
US and UK Warn of Disruptive Russian Operational Technology (OT) Attacks
US warns of North Korean hackers using email security flaws for phishing attacks
World Password Day: Cybersecurity Best Practices and Tips for MSPs
1st May
1 in 5 US Ransomware Attacks Triggers Lawsuit
Adobe Adds Firefly and Content Credentials to Bug Bounty Program
Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers
Are VPNs Legal To Use?
Australia's Qantas probing reports of data breach at loyalty app
Bitcoin Forensic Analysis Uncovers Money Laundering Clusters and Criminal Proceeds
Breach Alert: Alleged Sale of AutoCAD Files from US Air Force Academy (USAFA) and US Space Forces (USSF) Military Bases
CISA says GitLab account takeover bug is actively exploited in attacks
Critical infrastructure operators urged to harden systems against pro-Russia hackers
Dropbox reports data breach, user info compromised
Dropbox says hacker accessed passwords, authentication info during breach
DropBox says hackers stole customer data, auth secrets from eSignature service
Essential steps for zero-trust strategy implementation
Ex-NSA Employee Sentenced to 22 Years for Trying to Sell U.S. Secrets to Russia
French hospital Hôpital de Cannes - Simone Veil (CHC-SV) refuses to pay LockBit extortion demand
Gootloader Attacks Healthcare Down Under
Hewlett Packard Enterprise (HPE) Aruba Networking fixes four critical RCE flaws in ArubaOS
Lawsuits After Ransomware on the Rise
Lawsuits and Company Devaluations Await For Breached Firms
LockBit, Black Basta, Play Dominate Ransomware in Q1 2024
More than 100 arrested in Spain in $900,000 WhatsApp scheme
Muddling Meerkat Group Suspected of Espionage via Great Firewall of China
National Cyber Security Centre (NCSC) New Mobile Risk Model Aimed at “High-Threat” Firms
New Cuttlefish malware infects routers to monitor traffic for credentials
Panda Restaurants discloses data breach after corporate systems hack
Qantas app exposed sensitive traveler details to random users
Qantas probes data breach in frequent flyer app
Ransomware gang RAGroup activities increased by more than 300%
Recovering from ransomware attack could cost remote Scottish council £500,000
Telecoms company Magnet+ investigating possible cyber attack
Threat Actor Allegedly Leaks Database of ProcuradurÃa General de la República
UnitedHealth CEO Confirms Breach Tied to Stolen Credentials, No MFA
UnitedHealth CEO confirms company paid $22 million ransom in heated Senate hearing
UnitedHealthcare CEO says ‘maybe a third’ of US citizens were affected by recent hack
UnitedHealth CEO tells Senate all systems now have multi-factor authentication after hack
US government warns of pro-Russian hacktivists targeting water facilities
Verizon Data Breach Investigation Report (DBIR) paints a bleak picture of data breach landscape
Vulnerability Exploits Triple as Initial Access Point for Data Breaches
Why cloud vulnerabilities need CVEs
ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan
30th April
66SLAVS Group Allegedly Breaches UAE’s Largest Web Design Studio, LRB Info Tech
Against the advice of pros more companies than ever are paying ransoms
Almost 500,000 Individuals Affected by Designed Receivable Solutions Data Breach
Amount paid in ransomware attacks has risen five times compared to previous year
AT&T, Verizon, T-Mobile Slapped with $200 Million Fine Over Location Data Sharing
Aussizz Group Data Breach
Australia: Mt Hira College suffers alleged student email data breach
Baltic countries blame Russia for GPS jamming of commercial flights
Black Kite Research Reveals Growing Persistence, Sophistication and Aggression Within Cybercrime Ecosystem
Business email compromise: defending your organisation
Central Bedfordshire Council has paid out more than £70k in compensation for 450 data breach claims
Change Healthcare hacked using stolen Citrix account with no MFA
Change Healthcare hackers broke in using stolen credentials - and no MFA
Collection agency data breach affects millions of users
Congress circles UnitedHealth as effects of ransomware attack continue
Considerations for Operational Technology Cybersecurity
Critical steps to help school districts combat ransomware attacks
Cyber Heist Alert: North Korea Hackers Lazarus Group Use LinkedIn To Prey on Crypto Firms
Cyber-attack risks are real, no matter what business you’re in
DarkGate spreads to 30+ countries via novel HTML phishing
Data breach at Financial Business and Consumer Solutions (FBCS) exposes nearly 2 million individuals
Data breach at J.P. Morgan Chase exposes records of 451,000 retirement savers
Data Breach KISTI SMART K2C: Allegedly 7.79 Million Users’ Information Exposed
Debt Collection Agency Financial Business and Consumer Solutions (FBCS) Suffers Data Breach Affecting 1.9 Million People
Department of Homeland Security (DHS), CISA Partner to Secure Critical Infrastructure in the Age of AI
Federal Communications Commission (FCC) Fines Carriers $200m For Selling User Location Data
Federal Communications Commission (FCC) fines major wireless carriers over illegal location data sharing
Federal Communications Commission (FCC) slaps fines on wireless carriers for illegally selling location data
Finnish hacker imprisoned for accessing thousands of psychotherapy records and demanding ransoms
Finnish Hacker Kivimaki Found Guilty in Vastaamo Hack
Finnish hacker receives sentencing for extortion of therapy patients by obtaining thousands of records
Global Sting Disrupts $1 Million Phishing Ring
Google bans 2.3M apps and hundreds of thousands of accounts from its Play Store
Google Blocks 2.3 Million Apps From Play Store Listing
Hacker jailed for blackmailing therapy patients
Hacker who blackmailed psychotherapy patients sentenced to six years in prison
Hacking homework for exam breach suspect
Healthcare Cybersecurity: 5 Steps to Prepare for a Ransomware Attack
Healthcare Organizations Lose 20% of their Sensitive Data in Every Ransomware Attack
Hong Kong: No data leakage found yet as Arts Development Council condemns cyber attack
How much South African firms pay ransomware gangs
Hull City Council pays £30K in data breach claims and suffers nine cyber attacks in three years
India Emerges as Third-Largest Target for Phishing Attacks Globally
India Faces Over 79 Million Phishing Attacks in 2023: What You Need to Know
India Ranked Third In Global Phishing Attempts
India recorded over 79 million phishing attacks in 2023, new study suggests
Kaiser Permanente Announces Data Breach Affecting Millions
Kaiser Permanente Cyber Attack Exposes 13.4 Million Users Data
Lazarus Hackers Group Use LinkedIn To Launch Phishing Fraud
LockBit, RAGroup Drive Ransomware Attacks in March
London Drugs Temporarily Closes All Western Canadian Stores After Cyberattack
Marriott admits to using weaker encryption during the 2018 data breach
Millions of Docker repos found pushing malware, phishing sites
Millions of Malicious Containers Found on Docker Hub
Millions of Malicious 'Imageless' Containers Planted on Docker Hub Over 5 Years
Nearly 2 Million impacted by Financial Business and Consumer Solutions breach
New Cyber Attack Targets Facebook Users Through Fake Ads On Google
New Latrodectus malware attacks use Microsoft, Cloudflare themes
New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024
New Wpeeper Android malware hides behind hacked WordPress sites
North Tyneside Council pays out staggering £65K in data breach claims amid ‘worrying’ rise in the UK
Over 70% of Small Businesses Worldwide Suffered a Cyber Attack in the Last 2 Years
Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades
Passwords under seven characters can be easily cracked
Philadelphia Inquirer: Data of over 25,000 people stolen in 2023 breach
Philadelphia Inquirer struck by cyberattack
Poloniex Hacker Moves Enormous $32 Million in Bitcoin
Poor cyber hygiene and budgets leave organizations ill-prepared
Q1 2024 Sets Record for Most Global Ransomware Attacks in a First Quarter
R language flaw allows code execution via RDS/RDX files
Ransom Payments Surge by 500% to an Average of $2m
Ransom payments surge to staggering $2M on average, a 500% jump from last year
Ransomware and extortion incidents surged by 67% in 2023
Ransomware Group LockBit Claims Responsibility for Cannes Hospital Cyberattack
Ransomware menace plagues Indian businesses, more than 200k attacks in one year
Ransomware Payments Soar 500% in the Last Year
Ransomware recovery cost averages $1.04m in South Africa
Ransomware Rising Despite Takedowns
Security Breach Exposes Italian Red Cross Network: Allegedly Threat Actor Shares Details of the Incident and Offers Backdoor Access
SiegedSec Allegedly Hacks Westboro Baptist Church, Leaks Data and Source Code
Singapore is 5th most targeted country for ransomware attacks in Asia
The Staggering Rise of Ransomware Attacks in 2023
The State of Ransomware 2024
There was an 81% year-over-year increase in ransomware attacks
Triangulation fraud: The costly scam hitting online retailers
U.S. Government Releases New AI Security Guidelines for Critical Infrastructure
UK Government Law Will Soon Prohibit Passwords Such As “admin” or “12345”
UnitedHealth hackers exploited Citrix bug, CEO says
Unverified: ANON SEC BD Claims Cyberattack on Saudi Water Facilities
Urgent Alert for Apple Users: A Surge in Phishing Attacks Demands Password Resets
US fines telcos $200M for sharing customer location data without consent
US Government Releases New Resources Against AI Threats
UserSec, NoName057(16), and Cyber Army of Russia Target UK’s Economic Sector
Vastaamo Hacker Sentenced for Blackmailing Thousands Over Stolen Therapy Notes
YMCA Fined for Data Breach, ICO Raises Concerns About Privacy for People with HIV
29th April
2 million hit in massive debt collector data breach - full names, birth dates and SSNs exposed
72% of CISOs believe AI solutions may lead to security breaches
90% of company attacks start with a phishing email
91% of ransomware victims paid at least one ransom in the past year
2023 Was the Year Threat Actors Disabused Our Trust in Digital
Agent Tesla and Taskun Malware Targeting US Education and Government Entities
AI is creating a new generation of cyberattacks
Avast fined nearly $15M for GDPR violations
Belarus secret service website still down after hackers claim to breach it
Belarusian KGB allegedly breached, hackers dox over 8600 agents
Breaking 2FA authentication: demystifying your security
Britain bans simple passwords for smart devices
Catholic Diocese of Cleveland, Ohio announces data breach
Central Bank Argentina Data Breach: Hackers Allegedly Offer Customer Info for Sale
China-Linked 'Muddling Meerkat' Hijacks DNS to Map Internet on Global Scale
Chinese hackers are now using this tactic for spying
Collection agency Financial Business and Consumer Solutions (FBCS) warns data breach impacts 1.9 million people
Compounded Crisis: Change Healthcare’s Breach Escalates with New Threats
Cyber-Partisans hacktivists claim to have breached Belarus KGB
Cyber crooks ramp up credential stuffing attacks
Cybersecurity incident forces closing of London Drugs stores across Western Canada until further notice
Cybersecurity researchers spotlight a new ransomware threat - be careful where you upload files
Data breach may have involved millions of patients, Kaiser Permanente says. What was leaked?
defi SOLUTIONS calls out ‘bluff’ of recent hacker threats
Designed Receivable Solutions Data Breach Leaks an Estimated 498,686 Patient Social Security Numbers
Essex County Council Compensation Payouts Increase
Experts weigh in on Omni Hotel ransomware incident
Experts weigh in on the MITRE nation-state cyberattack
Fake Chrome Updates Hide Android Brokewell Malware Targeting Your Bank
FBI warns of fake verification schemes targeting dating app users
Federal Communications Commission (FCC) fines carriers $196 million for selling customer location data
Federal Communications Commission (FCC) fines carriers $200 million for illegally sharing user location
Federal Trade Commission (FTC) Strengthens Health Data Breach Notification Rule to Protect Consumers
Fighting Ransomware: Steps to Shield Your Business
Financial Business and Consumer Solutions (FBCS) data breach impacted 2 Million individuals
Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023
Google rejected 2.28 million risky Android apps from Play store in 2023
Hackers Exploit WP-Automatic Plugin Vulnerability, Threatening WordPress Site Security
Hackers Took Just 29-Days From IcedID Infection to Dagon Locker Ransomware
Hacktivists Claim Breach of Belarusian Intelligence Agency
Hunters Ransomware Claims Two: Rocky Mountain Sales, SSS Australia Targeted
ICICI Bank glitch gave access to other clients’ credit cards
Impact of cybersecurity organizational structure on ransomware outcomes: The most successful models
Interim Healthcare of Lubbock Notifies Patients of June 2022 Data Breach
JP Morgan employees access sensitive information they weren’t supposed to see
Judge0 Sandbox Vulnerabilities Expose Systems to Takeover Risk
Junk Gun ransomware infiltrates dark web
KageNoHitobito Ransomware Attacking Windows Users Around the Globe
Kaiser Permanente data breach may have affected millions
Kaiser Permanente says data breach may affect 13.4M customers
Kaiser Permanente suffers a data breach that may impact 13.4M members
KaliHunt Groups Allegedly DDoS Attacks on US Airports and Baltic Countries
Kansas City system providing roadside weather, traffic info taken down by cyberattack
Kaspersky reveals email is primary gateway for phishing attacks
Lazarus Group Poses As Fenbushi Capital For Phishing Scams, Lures Users Via LinkedIn
Lazarus Group Poses as Fenbushi Exec on LinkedIn for Cyber-Hacking
Lazarus Group Strikes Again: New Crypto Phishing Scam Targets LinkedIn Users
London Drugs across Greater Victoria to remain closed after cyber attack
London Drugs closes all of its pharmacies following 'cybersecurity incident'
London Drugs pharmacy chain closes stores after cyberattack
London Drugs shuts down all western Canadian stores 'until further notice' following cyber incident
Moldova Government Hit by NoName Ransomware: Websites Down
Muddling Meerkat hackers manipulate DNS using China’s Great Firewall
Navigating Data Breach Communication: A Blueprint For Executives
Navigating personal liability: post data-breach recommendations for CISOs
Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM
New banking malware gives hackers complete control of Android phones
New R Programming Vulnerability Exposes Projects to Supply Chain Attacks
New Ransomware Group “SpaceBears” Attacks: Multiple High-Profile Victims Targeted
New UK Smart Device Security Law Comes into Force
North Korea hackers Lazarus Group poses as Fenbushi partner on LinkedIn
Okta warns customers about credential stuffing onslaught
Okta Warns Customers of Credential Stuffing Barrage
Okta warns of surge in credential stuffing attacks
OrthoConnecticut Notifies Patients of Recent Data Breach Affecting Their SSNs
Paramedics' mobile numbers 'exposed' in data breach
Pennsylvania Insurance Department Urges Caution in Wake of Data Breach: Implications and Protective Measures
QNAP Unveils Three Critical Flaws in NAS Software Suite (CVE-2024-32764, CVE-2024-32766, CVE-2024-27124)
Ransomware payment bans need universal buy-in
Report details impact of cyber attack on IT firm
Researchers Discover New Android Banking Trojan ‘Brokewell’ Disguised as Chrome Update
Researchers unveil novel attack methods targeting Intel’s conditional branch predictor
Romance scammers offer fake protection from sex offenders, FBI warns
Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover
Security leaders respond to disruption of LabHost, a fraud website
Social exclusion charity Extern “urgently reviewing” impact of data breach following ransomware attack
Software supply chain risks for AI and ML models
Spanish Bank EvoBanco Security Breach: Gradual Release of Data
SSS Australia falls victim to Hunters International ransomware gang
Staff taking legal action over Northern Ireland police data breach
States of Guernsey under investigation following data breach which saw 5,059 records leaked
Study Reveals Alarming Levels of USPS Phishing Traffic
Text phishing scam claiming unpaid tolls sent to Michigan residents
The Los Angeles County Department of Health Services disclosed a data breach
Thousands of PSNI officers and staff pursue legal action over data breach
Threat Actor Claims Sale of Dell Database Containing 49 Million Customer Records
U.S. Postal Service (USPS) Phishing Scams Generate Almost as Much Traffic as the Real Site
UK becomes first country to ban default bad passwords on IoT devices
UK enacts IoT cybersecurity law
UK government introduces new laws in cyber-attack crackdown
UK’s new ‘world first’ laws crack down on smart gadget cyber attacks
Ukrainian military intelligence claims attack on website of Russia’s ruling party
‘Unprecedented Scale’ of Credential Stuffing Attacks Observed: Okta
US Post Office phishing sites saw almost as much traffic as real website
USDoD Resurfaces with Alleged China Data Leak After Building New Content Delivery Network (CDN) Site
Voter Registration System Taken Offline in Coffee County Cyber-Incident
Washington State Casino Reopens Weeks After Apparent Cyber Attack
What is MFA bombing? Apple users were targeted using this phishing technique
What the U.S. Still Needs to Do to Combat Ransomware