Raphael Satter reports: A cyber extortion gang suspected of being an offshoot of the notorious Russian Conti group of hackers has raked in more than $100 million since it emerged last year, researchers said in a report published on Wednesday. Digital currency tracking service Elliptic and Corvus Insurance said in a joint report the ransom-seeking cybercrime group…
Author: Dissent
DFS Announces $1 Million Cybersecurity Settlement With First American Title Insurance Company
Press Release of November 28: The New York State Department of Financial Services (DFS) today announced that First American Title Insurance Company (First American) will pay a $1 million penalty to New York State for violations of DFS’s Cybersecurity Regulation (23 NYCRR Part 500) stemming from a large-scale cybersecurity breach in May 2019. The breach…
ID Theft Service Resold Access to USInfoSearch Data
Brian Krebs reports: One of the cybercrime underground’s more active sellers of Social Security numbers, background and credit reports has been pulling data from hacked accounts at the U.S. consumer data broker USinfoSearch, KrebsOnSecurity has learned. Since at least February 2023, a service advertised on Telegram called USiSLookups has operated an automated bot that allows anyone to look…
Okta admits hackers accessed data on all customers during recent breach
Carly Page reports: U.S. access and identity management giant Okta says hackers stole data about all of its customers during a recent breach of its support systems, despite previously stating that only a fraction of customers were affected. Okta confirmed in October that a hacker used a stolen credential to access its support case management system…
Hackers breach Israel intelligence group’s website
The Middle East Monitor reports: An unknown entity has breached the website of the Shin Bet veterans’ association, Shoval, and may have stolen the details of the intelligence agency’s former employees, the French website Intelligence Online has reported. According to the website, the agency’s management has requested members of the association to be cautious, especially when travelling…
Queensland passes mandatory data breach notice laws
Justin Hendry reports: Queensland has become only the second state to legislate a mandatory data breach notification scheme for public sector entities, as an almost identical scheme comes into effect in New South Wales. The Information Privacy and Other Legislation Amendment Bill 2023 passed through the Queensland state Parliament on Wednesday, less than two months…