Earlier today, AlphV added MeridianLink to their leak site. MeridianLink (MLNK) is the provider of a loan origination system and digital lending platform for financial institutions. AlphV’s listing has been temporarily removed to be updated, but DataBreaches has learned some additional details from someone involved in the attack. The attack was last Tuesday, November 7….
Category: Financial Sector
Gang says ICBC paid ransom over hack that disrupted US Treasury market, ‘deal closed’
James Pearson reports: China’s biggest lender, the Industrial and Commercial Bank of China, paid a ransom after it was hacked last week, a Lockbit ransomware gang representative said on Monday in a statement which Reuters was unable to independently verify. ICBC, whose U.S. arm was hit by a ransomware attack that disrupted trades in the…
FBI Identifies Cryptocurrency Funds Stolen by DPRK
[Press Release] The FBI is warning cryptocurrency companies of recent blockchain activity connected to the theft of hundreds of millions of dollars in cryptocurrency. Over the last 24 hours, the FBI tracked cryptocurrency stolen by the Democratic People’s Republic of Korea (DPRK) TraderTraitor-affiliated actors (also known as Lazarus Group and APT38). The FBI believes the…
Compliance: National Credit Union Administration issues letter on cyber incident reporting notification requirements
CUNA reports: NCUA issued a Letter to Credit Unions (23-CU-07) on the cyber incident notification requirements that go into effect Sept. 1. Credit unions will be required to notify the NCUA no later than 72 hours after the credit union reasonably believes it has experienced a reportable cyber incident or has received a notification from…
Proposed Second Amendment to NYDFS Cybersecurity Regulations: Comments Due August 14
Micaela McMurrough and Caleb Skeath of Covington & Burling write: Following up on the recent release by the New York Department of Financial Services (“NYDFS”) of an updated proposed second amendment to its “first-in-the-nation” Cybersecurity Regulation, 23 NYCRR Part 500 (proposed second amendment released June 28, 2023), it is not too late for companies to submit comments…
Attacked by Black Basta, BankCard USA paid ransom.
Marco A. De Felice of SuspectFile (aka @amvinfe) reports that BankCard USA (BUSA) recently paid the Black Basta ransomware group $50,000 ransom. But if BUSA hoped to keep the breach and payment out of the public eye, they should sit down before they read SuspectFile’s reporting, because it is going to make them sad. BankCard…