RAT Malware Allowed Cybercriminals to Surreptitiously Connect to Victims’ Computers to Steal Data and Engage in Other Malicious Activities Without Victims’ Knowledge
The Justice Department announced today that, as part of an international law enforcement effort, federal authorities in Boston seized internet domains that were used to sell computer malware used by cybercriminals to secretly…
Category: Breach Incidents
LockBitSupp banned as a “ripper:” drama on the Russian-language forums
Anastasia Sentsova and Jon DiMaggio have written about the latest drama in the ransomware world: LockBitSupp was banned from XSS.is, and as is their policy, he was therefore also banned on Exploit.in. Banned in the two well-known Russian-language forums, LockBitSupp tried to appeal the decision to RAMP. Even though it seems RAMP agreed with him,…
Ransomware Payments Exceed $1 Billion in 2023, Hitting Record High After 2022 Decline
Chainalysis got everyone’s attention with their new report. They write, in part: 2023 marks a major comeback for ransomware, with record-breaking payments and a substantial increase in the scope and complexity of attacks — a significant reversal from the decline observed in 2022, which we forewarned in our Mid-Year Crime Update. Ransomware payments in 2023 surpassed…
Verizon insider data breach affects over 63,000 employees
Bleeping Computer reports that Verizon has notified the Maine Attorney General’s Office of an insider data breach affecting 63,206 employees. According to their sample notice of what was sent to those affected, an employee gained unauthorized access to employee data on September 21, 2023, although Verizon didn’t discover the problem until December. The types of…
Two hosting companies in Romania had what appear to be unrelated breaches. Did either one ever issue a public notice? (2)
In April 2023, DataBreaches reported on an alleged incident involving TIC Hosting in Romania. No one from TIC Hosting ever responded to inquiries from this site, and inquiries to the data protection regulator for the country indicated that TIC Hosting had never reported any data protection incident to them. And that seemed to be the…
HHS’ Office for Civil Rights Settles Malicious Insider Cybersecurity Investigation for $4.75 Million
Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), announced a settlement with Montefiore Medical Center, a non-profit hospital system based in New York City for several potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. OCR is responsible for administering and enforcing health information…