Bill Toulas reports: A new large-scale phishing campaign targeting credentials for Microsoft email services use a custom proxy-based phishing kit to bypass multi-factor authentication. Researchers believe the campaign’s goal is to breach corporate accounts to conduct BEC (business email compromise) attacks, diverting payments to bank accounts under their control using falsified documents. The phishing campaign’s…
Author: Dissent
Twitter confirms January breach, urges pseudonymous accounts to not add email or phone number
Jonathan Greig reports: Twitter officially confirmed that a January breach led to the leak of information connected to 5.4 million accounts. Two weeks ago, a hacker on Breach Forums offered email addresses and phone numbers connected to the accounts, which they said ranged from “celebrities, companies, randoms, OGs, etc.” […] For those who have pseudonymous Twitter accounts,…
Cyberattack on Albanian government suggests new Iranian aggression
Lily Hay Newman of Wired reports: In mid-July, a cyberattack on the Albanian government knocked out state websites and public services for hours. With Russia’s war raging in Ukraine, the Kremlin might seem like the likeliest suspect. But research published on Thursday by the threat intelligence firm Mandiant attributes the attack to Iran. And while Tehran’s espionage…
No Injury = No Article III Standing in Data Breach Class Action
Amy Brown Doolittle of Squire Patton Boggs writes: As we have discussed here at CPW, one of the biggest challenges facing a plaintiff in a data breach class action is to establish an injury from the alleged data breach. Earlier this week, in David De Midicis v. Ally Bank & Ally Fin., Inc., 2022 U.S. Dist. LEXIS…
Update: Investigation reveals thousands had info exposed in Prince Edward Island arts centre ransomware incident
Jack Morse reports: The full impact of a data breach at Prince Edward Island’s largest arts centre is now clear. The results of a recently completed investigation show thousands of people had their personal information exposed. The cyberattack was first reported by the Confederation Centre of the Arts in January. In February, officials confirmed it…
‘They completely ignored us’: More doctors claim stonewalling by Eye Care Leaders during breach
Jessica Davis reports: Unresponsive. Completely ignored. Misleading. Breached contracts. In a highly regulated industry like healthcare, these are not words one would expect to hear about a vendor tasked with hosting the electronic medical records of small providers and their related patient data. But in the wake of the coverage detailing a number of cited…