Jonathan Greig reports: More than 30,000 US healthcare workers’ personal information was recently exposed due to a non-password protected database, according to security researcher Jeremiah Fowler and a team of ethical hackers with Website Planet. Fowler discovered a database run by Gale Healthcare Solutions with 170,239 exposed records that included names, emails, home addresses, photos and in some…
Category: Business Sector
Cyber attack on Kisters AG by orchestrated ransomware attack
On November 10-11, Kisters AG in Germany was hit by a ransomware attack. Because the firm is a critical infrastructure supplier for energy systems and with the potential for downstream compromise, this one has raised significant concerns. The following are some translated snippets from energie.blog, which has been providing updates on the attack: Update: 11/21/2021:…
Former Ubiquiti employee charged with hacking and extorting company
Catalin Cimpanu reports: An Oregon man and a former employee of Ubiquiti Networks was arrested and charged today with hacking the company’s servers, stealing gigabytes of information, and then attempting to extort his employer for $2 million when Ubiquiti began investigating the breach. The suspect, arraigned in a courtroom earlier today, was identified as Nickolas Sharp,…
UK watchdog’s punishment for Blackbaud, Easyjet, other big privacy lawbreakers was slap on the wrist in private
Gareth Corfield reports: Blackbaud was given a private slap on the wrist by the UK’s Information Commissioner’s Office (ICO) after paying off criminals who stole users’ financial data from the cloud CRM biz’s servers. The astonishingly mild sanction was revealed in a Freedom-of-Information response after senior data protection specialist Jon Baines at London law firm Mishcon de Reya asked…
Recovering from ransomware: One organization’s inside story
Yann Serra reports: On Sunday 21 February 2021, Manutan, a large office equipment distributor, discovered that two-thirds of its 1,200 servers had succumbed to a cyber attack by the DoppelPaymer ransomware crew. Commercial activity at the France-headquartered company – which has 25 subsidiaries spread across Europe – would be frozen for 10 days and did not resume fully until…
Panasonic discloses four-months-long data breach
Catalin Cimpanu reports: Japanese electronics giant Panasonic has disclosed on Friday a major security breach after an unidentified threat actor had gained access to its internal network. The Osaka-based company said it detected the security breach earlier this month, on November 11. “As the result of an internal investigation, it was determined that some data…