Phil Muncaster reports: Estee Lauder has become the latest big name to suffer an apparently serious ransomware breach, after two groups claimed to have compromised the firm. The cosmetics giant was posted to the leak site of both the Alphv/BlackCat and Clop ransomware gangs, according to security researchers on Twitter. Read more at Infosecurity Magazine….
Category: Business Sector
Microsoft to Offer Some Cybersecurity Tools Free After Suspected China Hack
Dustin Volz and Robert McMillan report: Microsoft said it plans to offer free some tools that can spot cyberattacks following last week’s disclosure of a major security breach linked to Chinese hackers that was undetectable for some customers. The decision to open up access to its back-end systems that log activity on the cloud came after Microsoft’s tiered…
Recycling giant TOMRA pulls systems offline following ‘extensive cyberattack’
Paul Kunert reports: Norwegian mining and recycling giant TOMRA says it has isolated tech systems as it deals with an “extensive cyberattack.” TOMRA has multiple divisions that focus on areas including waste and recycling solutions, metal sorting systems, mining machine systems and food sorting equipment. It turned over $1.2 billion in calendar 2022. Read more…
No Need to Hack When It’s Leaking, Monday edition: Dating App That Claims 50 Million Users Suffered a Data Breach
Jeremiah Fowler writes: Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to vpnMentor about a non-password protected database that contained approximately 2.3 million records. Upon further investigation, it became clear that these records were associated with multiple dating applications contained in a single database. A majority of the records referred to an application called 419 Dating – Chat…
Kr: PIPC Sanctions LG U+ Telecom, Imposes Administrative Penalty of $5.3 Million for Breach Along with Corrective Orders
Press Release July 12, 2023 (This is an unofficial translation of a press release, originally prepared in Korean.) On July 12, the Personal Information Protection Commission (PIPC) held a plenary meeting and reached a decision to impose an administrative penalty of KRW 6.8 billion (USD 5.3 million) and an administrative fine of KRW 27 million…
Payroll Services Provider UKG Agrees to $6 Million Settlement in Data-Breach Lawsuit
James Rundle reports: Payroll services provider UKG has agreed to settle a class-action lawsuit stemming from a cyberattack in 2021, capping a significant piece of litigation that emerged from the incident. A ransomware strike in December 2021 forced parts of UKG’s Kronos Private Cloud product offline, disrupting software that tracked employee hours during the Christmas holiday period….