Sergiu Gatlan reports that Canadian retailer Fitness Depot has disclosed a breach of their e-commerce platform that affected consumers’ personal and financial information. Gatlan reports: Based on the info in the breach notification letter the company sent to all potentially impacted individuals, the attack has all the signs of a textbook Magecart attack where the threat…
Category: Business Sector
IT Services Giant Conduent Suffers Ransomware Attack, Data Breach
Ed Targett reports: Conduent, a $4.4 billion by revenue (2019) IT services giant, has admitted that a ransomware attack hit its European operations — but says it managed to restore most systems within eight hours. Although Conduent didn’t name the ransomware, the Maze Team announced the breach on their site and provided some proof of their…
Judge Pushes Back Accused LinkedIn Hacker’s Trial One Last Time Over COVID-19 Concerns
Ross Todd reports that a federal judge in San Francisco has once again delayed the resumption of the criminal trial of Yevgeniy Aleksandrovich Nikulin, the Russian man accused of hacking LinkedIn, Dropbox and Formspring. Read more on Law.com.
Agromart’s data up for auction while threat actors read — and publish — their victim’s emails about the attack
According to their website, The Agromart Group in Canada provides crop nutrients, seed, crop protection products, custom application and associated services to agricultural producers across Eastern Canada. Last month, they experienced a ransomware attack by the Sodinokibi/REvil threat actors. That in and of itself would be newsworthy, but then the threat actors decided to try…
Sekhmet ransomware team claims to have hit international IT firm “very hard”
Sekhmet ransomware operators claim to have hit an international IT firm, Excis, “very hard.” The attack reportedly occurred on May 30, and the threat actors are pressing hard to get the firm to pay an undisclosed amount of ransom. The attack was revealed yesterday on Sekhmet’s website. We are sharing a big part of their…
Amtrak resets user passwords after Guest Rewards data breach
Sergiu Gatlan reports: The National Railroad Passenger Corporation (Amtrak) disclosed a data breach that led to the exposure of personal information of some Guest Rewards members. … “On the evening of April 16, 2020, Amtrak determined that an unknown third party gained unauthorized access to certain Amtrak Guest Rewards accounts,” Amtrak Guest Rewards Senior Director…