Remember the “good old days” when we were most worried about phishing or BEC attacks to get employees’ W-2 data for tax refund fraud scams? Have you seen any reports like that recently? I just realized that I haven’t when I saw one in the news today. Bill Toulas reports: “AST LLC” has announced a data…
Category: Business Sector
RagnarLocker ransomware hits EDP energy giant, asks for €10M
Sergiu Gatlan reports: Attackers using the Ragnar Locker ransomware have encrypted the systems of Portuguese multinational energy giant Energias de Portugal (EDP) and are now asking for a 1580 BTC ransom ($10.9M or €9.9M). EDP Group is one of the largest European operators in the energy sector (gas and electricity) and the world’s 4th largest producer of wind…
Equifax settles Indiana case over massive data breach for $19.5 million
Nate Raymond reports: Equifax Inc will pay Indiana $19.5 million to resolve claims it failed to protect residents whose personal information was exposed in a data breach that affected 147 million people, the state’s attorney general said on Monday. Read more on Reuters.
Ransomware attacks lock 2 Manitoba law firms out of computer systems
Sean Kavanagh reports: Work at two Manitoba law firms is at a virtual standstill after cyber attacks left staff without access to their computer systems, locking out digital files, emails and data backups. Read more on CBC.ca.
Account details for 4 million Quidd users shared on hacking forum
Catalin Cimpanu reports: Quidd, an online marketplace for trading stickers, cards, toys, and other collectibles, appears to have suffered a data breach in 2019, and the details of around four million users are now being shared for free on underground hacking forums. The data, of which ZDNet has obtained samples from three different sources, contains Quidd usernames,…
Over 500,000 Zoom accounts sold on hacker forums, the dark web
Lawrence Abrams reports: Over 500 hundred thousand Zoom accounts are being sold on the dark web and hacker forums for less than a penny each, and in some cases, given away for free. These credentials are gathered through credential stuffing attacks where threat actors attempt to login to Zoom using accounts leaked in older data…