In December 2019, Sophos published an analysis of Snatch ransomware. In June 2020, DFIR Report provided a case study, and in July 2020, LIFARS wrote an article about Snatch ransomware having been detected in attacks in June. Since then, the Snatch leak site has continued to add victims and the media (including DataBreaches) has continued to…
Category: Business Sector
Za: Enforcement Notice Issued To Dis-Chem For Violating POPIA
Gugu Lourie reports: On the 31st of August 2023, the Information Regulator took action by issuing an Enforcement Notice against Dis-Chem, due to their non-compliance with several provisions of the Protection of Personal Information Act (POPIA). In the timeline of events, it was revealed that during the months of April and May in 2022, a…
LogicMonitor customers who didn’t change default passwords were hit by hackers
Lorenzo Franceschi-Bicchierai reports: Some customers of the network security company LogicMonitor have been hacked due to the use of default passwords, TechCrunch has learned. The incident is due to the fact that, until recently, LogicMonitor was assigning customers default — and weak — passwords such as “Welcome@” plus a short number, according to a source…
One month later, Ranhill still hasn’t fully recovered from cyberattack
On July 26, DataBreaches reported that DESORDEN had attacked Ranhill Utilities Berhad, a provider of water and power supply in Malaysia. At the time, DESORDEN claimed, in part: The initial data breach was initiated on Nov 2021. For over 18 months, DESORDEN has been in their systems. On 17th July 2023, our group infiltrated their…
Forever 21 notifies 540,000 of breach affecting employees enrolled in firm’s health plan
In 2017, fashion retailer Forever 21 experienced a malware attack on its card payment system that compromised customers’ payment cards. The breach was an embarrassment on a number of levels because the attacker had access to their system for about 7 months, and Forever 21 did not seem to have discovered the breach on their…
Jp: Medical organizations and IT vendors “should bear part of the cyber damage”.
[Translation:] A document released on August 24 by the Japan Medical Association Policy Research Institute (Nichi-Isouken), which aims to plan medical policy, is causing controversy on SNS. Regarding contracts and responsibility sharing between medical institutions and system vendors, based on the “principle of good faith”, if the vendor’s risk explanation is insufficient, the medical institution…