Brian Krebs reports: A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. An individual thought to be involved has earned accolades from the likes of Apple, Dell, and Microsoft for helping to find and…
Category: Business Sector
UK: Tesco issues 600,000 new Clubcards after credential stuffing attack
Kalila Sangster reports: Tesco (TSCO.L) is issuing new cards to 600,000 Clubcard account holders after discovering a security breach. The supermarket said some customers may have fallen victim to online fraud after a database of stolen usernames and passwords from other platforms had been tried out on its website. The use of the stolen data…
Legal services giant Epiq Global offline after ransomware attack
Zack Whittaker reports: Legal services giant Epiq Global has been hit by a ransomware attack. The company, which provides legal counsel and administration that counts banks, credit giants, and governments as customers, confirmed the attack hit on February 29. Read more on TechCrunch. A source came forward to Zack with additional details and information about…
AU: Alinta Energy accused of putting customers’ sensitive information at risk
Adele Ferguson and Chris Gillett report on documents leaked by a whistleblower: Leaked documents obtained by 7.30, The Age and The Sydney Morning Herald reveal the Chinese-owned energy giant does not appear to have proper systems in place to protect sensitive customer information. Through its retail operations Alinta collects names, addresses, birth dates, mobile numbers,…
Irish IT group Ergo foils major ransomware attack
Charlie Taylor reports: Irish IT services group Ergo is forecasting further growth as it reported revenues of €85.2 million last year as the company said it recently foiled a major ransomware attack. Ergo said it immediately moved to lock down servers late last Wednesday after becoming aware of a serious security incident. It was able to recover…
US Railroad Contractor Reports Data Breach After Ransomware Attack
Sergiu Gatlan reports: RailWorks Corporation, one of North America’s leading railroad track and transit system providers, disclosed a ransomware attack that led to the exposure of personally identifiable information of current and former employees, their beneficiaries and dependents, as well as that of independent contractors. Read more on BleepingComputer.