Christopher Brown reports: SolarWinds Corp. will pay $26 million to settle an investor suit alleging it failed to disclose security vulnerabilities before a massive cyberattack, under an agreement given final approval by a federal court. Investors alleged the technology company misled them about its security practices before announcing a suspected Russian hack in late 2020, causing the…
Category: Business Sector
CardioComm, a provider of ECG monitoring devices, confirms cyberattack downed its services
Carly Page reports: CardioComm Solutions, a Canadian provider of consumer and professional-grade heart monitoring technologies, has been downed by an ongoing cybersecurity incident. The Toronto-based organization said on Tuesday that its business operations will be “impacted for several days and potentially longer” following a “cybersecurity incident on the Company’s servers.” At the time of writing,…
Deloitte denies Cl0p data breach claims in wake of MOVEit attack
Ross Kelly reports: Deloitte has refuted claims that the Cl0p ransomware gang has breached its systems and stolen company data amid speculation online. The accountancy firm was cited as a victim on Cl0p’s breach disclosure blog, sparking concerns that clients at the consultancy could be at risk. In its disclosure, Cl0p claimed “the company doesn’t…
Yamaha confirms cyberattack after multiple ransomware gangs claim attacks
Jonathan Greig reports: Yamaha’s Canadian music division confirmed that it recently dealt with a cyberattack after two different ransomware groups claimed to have attacked the company. The Yamaha Corporation — different from the spun-off motorcycle division — is a Japanese manufacturing giant producing musical instruments and audio equipment. It is considered the world’s largest producer…
North Korean hackers targeting JumpCloud mistakenly exposed their IP addresses, researchers say
Zack Whittaker reports: Security researchers say they have high confidence that North Korean hackers were behind a recent intrusion at enterprise software company JumpCloud because of a mistake the hackers made. Mandiant, which is assisting one of JumpCloud’s affected customers, attributed the breach to hackers working for North Korea’s Reconnaissance General Bureau, or RGB, a hacking unit…
In SEC Battle, Covington Ordered to Disclose Names of 7 Clients
Abigail Adcox reports: U.S. District Judge Amit Mehta of the District of Columbia has ruled that Covington & Burling must disclose to the U.S. Securities and Exchange Commission the names of seven clients whose information may have been exposed in a 2020 cyberattack that impacted the firm. “Covington shall produce to the Commission the names…