The threat actors known as DarkSide claim to have attacked Toshiba.fr, acquiring 740 GB of data. Benoit Overstraeten and Makiko Yamazaki report: A Toshiba Corp unit said it was hacked by the DarkSide ransomware group, overshadowing an announcement of a strategic review for the Japanese conglomerate under pressure from activist shareholders to seek out suitors….
Author: Dissent
NHS-backed org reacted to GitHub leak disclosure with legal threats and police call, complains IT pro
Gareth Corfield has a commentary on a recent case where a researcher found himself threatened legally. It begins: IT pro Rob Dyke says an NHS-backed company not only threatened him with legal action after he flagged up an exposed GitHub repository containing credentials and insecure code, it even called the police on him. Dyke, who…
Chemical distributor pays $4.4 million to DarkSide ransomware
Another report by Lawrence Abrams today: Chemical distribution company Brenntag paid a $4.4 million ransom in Bitcoin to the DarkSide ransomware gang to receive a decryptor for encrypted files and prevent the threat actors from publicly leaking stolen data. Brenntag is a world-leading chemical distribution company headquartered in Germany but with over 17,000 employees worldwide…
Meet Lorenz — A new ransomware gang targeting the enterprise
Lawrence Abrams reports: A new ransomware operation known as Lorenz targets organizations worldwide with customized attacks demanding hundreds of thousands of dollars in ransoms. The Lorenz ransomware gang began operating last month and has since amassed a growing list of victims whose stolen data has been published on a ransomware data leak site. Michael Gillespie…
Jp: Two Salesforce incidents reportedly shut down online vaccination reservation systems, exposed other personal info
Updated May 18: See the Salesforce statement issued May 17 that says confirming that there was no data loss or breach involving the first incident described below. Yomiuri Shimbun reports: A failure in a cloud computing system provided by U.S.-based IT company Salesforce.com Inc. paralyzed COVID-19 vaccination reservation systems operated by local governments across Japan…
Georgia’s HB 156, requiring state notice for utility cybersecurity incidents, is now in effect
Lael Bellamy and Emily Maus of DLA Piper write: Georgia’s governor has signed into law House Bill 156, creating specific notice requirements for state agencies and utilities that experience cybersecurity attacks, data breaches or malware and requiring notice to the state director of emergency management in Georgia within two hours of notifying the federal emergency…