Valéry Rieß-Marchive reports: In the first half of the year, more than 420 victims were claimed on the showcase site of the LockBit 2.0 franchise. This figure is lower than the reality. But to what extent? The examination of clues present in the source code of the showcase site sheds new light… on the level of…
Category: Breach Incidents
When the data leak is not from the victim you named, Wednesday edition
Ever since threat actor groups started naming and leaking victims who do not pay their demands, groups have occasionally misidentified their victims. Today’s example is courtesy of Avos Locker, who added the Canadian Mental Health Association to their leak site in April. Inspection of the data in the leak, however, quickly raised questions as to…
“You really don’t understand the situation…. Google about our team,” Hive tells victim
SuperAlloy Industrial Company Ltd. (SAI) is an international company specializing in engineering and manufacturing lightweight metal products predominantly for the automotive industry. You may not recognize their name but might be driving around on their wheels, as SAI has produced lightweight forged aluminum wheels for McLaren, Ferrari, AMG, BMW, Jaguar, Daimler, and other manufacturers. SAI…
Hackers claim to hit Israeli tourism sites
Tzvi Joffre reports: A hacker group called Sharp Boys claimed that it had obtained data from Israeli tourism sites on Tuesday, including ID numbers, addresses, credit card information and more. Which sites were affected? The affected sites, according to the hackers, are hotels.co.il, isrotel.com, minihotel.co.il, tivago.co.il and danhotels.com. Read more at Jerusalem Post.
GAO: HHS Needs Improved Data Breach Reporting
Frank Konkel reports: The Government Accountability Office is recommending the Department of Health and Human Services establish a feedback mechanism to improve the effectiveness of its data breach reporting process. The singular recommendation, issued in a June 27 audit, follows a significant increase in the number of data breaches involving unsecured protected health information at HHS….
MO: Fitzgibbon Hospital hit by ransomware, sensitive data leaked
Although one of this year’s trends in cybercrime seems to be a return to the theft/extort model, some groups continue to encrypt victims’ files. On Saturday, DataBreaches received information pointing to an attack on Fitzgibbon Hospital in Missouri. The group claiming responsibility call themselves “Daixin Team.” It is not a name known to DataBreaches…