Tzvi Joffre reports: A hacker group called Sharp Boys claimed that it had obtained data from Israeli tourism sites on Tuesday, including ID numbers, addresses, credit card information and more. Which sites were affected? The affected sites, according to the hackers, are hotels.co.il, isrotel.com, minihotel.co.il, tivago.co.il and danhotels.com. Read more at Jerusalem Post.
Category: Hack
Cyberattacks: Karakurt makes a comeback with a bang
The following is a machine translation of an article by Valéry Rieß-Marchive: “A lot of May leaks are coming”. This is the message displayed in large print on the front page of Karakurt’s new showcase site. And he is not alone. It is accompanied by the announcement of future disclosures of data concerning 10 hitherto unknown victims. All are scheduled for…
Illuminate breach victims are still first being notified
Spotted today: a notification by the Renton School District in Washington that they notified 20,509 Washington residents on June 17 dues to a breach that sounds like the Illuminate breach (based on the dates reported by Renton): https://agportal-s3bucket.s3.amazonaws.com/databreach/BreachM13493.pdf
Unsurprisingly, hacktivists protest the overturn of a woman’s right to her own body
The announcement appeared on the Telegram channel of a group calling themself “SiegedSec:” TIME FOR SOME 1337 H4CKTIVISM!!! (4 the record, we will still do blackhat stuff 😉 Like many, we are also pro-choice, one shouldn’t be denied access to abortion. As added pressure to the U.S government, we have leaked many internal documents and…
Expensive week for Carnival Corp: a $1.25 million settlement with states over one breach, then a $5 million settlement with New York for violating state cybersecurity regulation
It seems this was the week for following up on Carnival Corporation breaches. Earlier this week, state attorneys general announced a $1.25 million multistate settlement with the cruise line over a 2019 data breach first disclosed in 2020. But there was other news concerning the cruise line this week, too. On Friday, the New York…
Everything old is new again? Ransomware groups stop encrypting and switch to theft/extortion model.
In a new post at The Register, Jessica Lyons Hardcastle reports, in part: ….. Increasingly, however, cybercrime rings still tracked as ransomware operators are turning toward primarily data theft and extortion – and skipping the encryption step altogether. Rather than scramble files and demand payment for the decryption keys, and all the faff in between…