Cyber Criminals Targeting Websites to Steal Private Consumer Information and Use for Benefits Fraud Regulated Entities Are Advised to Review Security Controls for Public-Facing Websites The New York State Department of Financial Services (“DFS”) today issued a cybersecurity fraud alert (“Alert”) to all of its regulated entities. The Alert describes a widespread cybercrime campaign to steal consumers’ nonpublic information (“NPI”) from…
Month: February 2021
Thousands of CityBee users have their personal data leaked online
Matthew Holroyd reports: Police in Lithuania are investigating after the personal data of 110,000 people was leaked to an online hacker website. The car-sharing service, CityBee, confirmed the records and information of thousands of its customers had been compromised in the incident. Read more on EuroNews.
When Cyber Gangs Disregard Ransomware Payments, Victims Can Be Hit Twice
David Bisson reports: Several digital gangs have gone back on their pledge to honor the ransomware payments made by victims. In its Quarterly Ransomware Report for Q3 2020, Coveware notes that nearly half of the ransomware attacks it had tracked during that quarter had included the threat to leak unencrypted data. Yet, multiple gangs did not always…
UK: Breach of NHS Lothian colleague’s medical records linked to staff member at Edinburgh Royal Hospital
Elsa Maishman reports: An investigation has been launched by Police Scotland after the medical records of more than 150 NHS Lothian staff members were “inappropriately accessed” by a colleague, the Scotsman reported. After a delay in searching for a record of the incident, due to NHS Lothian being unable to provide certain details over fears…
Jones Day disputes claimed breach; points to hacked vendor; hacker points back to them (UPDATE2)
Although Jones Day failed to respond to multiple inquiries sent to it by this site about a ransomware attack claimed by CLOP threat actors*, the giant law firm apparently responded to inquiries by the Wall Street Journal. Their statement, however, omits important information and has been disputed by the threat actors. WSJ reports, in part:…
Could your baby monitor be unsafe and unsecured?
I’d ask, “Why is this STILL happening?” but I think we all know the answers to that, and Jim Wilson of Safety Detectives actually addresses that in his article. The SafetyDetectives cybersecurity team has discovered a vulnerability affecting baby monitors, provoked by their misapplication/misconfiguration, which provides potentially harmful parties with unauthorized access to each camera’s video stream….