Christopher Brown reports: Flagstar Bank NA agreed to pay $31.5 million to settle allegations it failed to protect the personal information of nearly 2.2 million people in data breaches linked to Accellion Inc.’s file-transfer software. Class members would be eligible for up to $25,000 in documented monetary losses, three years of credit monitoring services, and…
Category: Hack
Clop extortion emails claim theft of Oracle E-Business Suite data
Lawrence Abrams reports: Mandiant and Google are tracking a new extortion campaign where executives at multiple companies received emails claiming that sensitive data was stolen from their Oracle E-Business Suite systems. According to Genevieve Stark, Head of Cybercrime and Information Operations Intelligence Analysis at GTIG, the campaign began in late September. “This activity began on…
Legal Practice Board of Western Australia begins notifying data breach victims
David Hollingworth reports: The Legal Practice Board of Western Australia (LPBWA) has said it has begun notifying individuals whose data was compromised following a cyber attack performed by the Dire Wolf ransomware gang in May. “Following a comprehensive investigation, the Legal Practice Board of Western Australia (the board) has commenced notifying individuals whose data was…
Hackers say they have deleted children’s pictures and data after nursery attack backlash
Joe Tidy reports: Hackers who attempted to extort a nursery chain by posting stolen images and data about children on the darknet have removed the posts and claim to have deleted the information. The criminals began posting profiles of the children to their website last Thursday, adding another 10 children days later and vowing to continue until Kido Schools…
Red Hat confirms security incident after hackers breach GitLab instance
Lawrence Abrams reports: An extortion group calling itself the Crimson Collective claims to have stolen nearly 570GB of compressed data across 28,000 internal development respositories, with the company confirming it was a breach of one of its GitLab instances. This data allegedly includes approximately 800 Customer Engagement Reports (CERs), which can contain sensitive information about a…
Company that sells software for monitoring sex offenders, terrorists, and hackers was hacked (1)
Mikael Thalen reports: A company that sells spyware that monitors individuals on parole and probation had its data leaked to a cybercrime forum this week. The leak, according to an analysis by Straight Arrow News, exposed highly sensitive information regarding employees of the corrections system and those under court-ordered supervision. The affected company, RemoteCOM, describes itself…