Western Digital has announced a new trade-in programme to help customers mitigate the effects of a mass malware attack that saw terabytes of data wiped from users’ NAS drives overnight. Those who lost data as a result of the hack will be able to benefit from Western Digital’s data recovery services, as well as a…
Category: Commentaries and Analyses
Still think you can negotiate with REvil and get your files back? Read this first.
The government and professionals involved in ransomware incident response have often advised victims not to pay the ransom because even if you pay, you may not get your data back, and you may not get your data deleted by criminals who pinky swear that they will delete it. Then, too, they may pinky swear that…
Hackers use zero-day to mass-wipe My Book Live devices
Lawrence Abrams reports that preliminary reports attributing a mass-wipe to a CVE from 2018 were not quite the whole story. Western Digital had originally told BleepingComputer that the attacks were being conducted through a 2018 vulnerability tracked as CVE-2018-18472, which was not fixed as the device has been out of support since 2015. It turns out that…
Data for 700M LinkedIn Users Posted for Sale in Cyber-Underground
Tara Seals reports: After 500 million LinkedIn enthusiasts were affected in a data-scraping incident in April, it’s happened again – with big security ramifications. A new posting with 700 million LinkedIn records has appeared on a popular hacker forum, according to researchers. Analysts from Privacy Sharks stumbled across the data put up for sale on…
Ca: SIM card theft: Discount provider, discount protection?
Tristan Peloquin reports: Telus customers who were victims of SIM card scams are sounding the alarm on apparent flaws in the company’s security systems. An employee of its discount subsidiary Public Mobile even told a customer that the service she uses is “more at risk than others” because she pays less. “If you pay for…
Bits ‘n Pieces
Aultman Health Foundation Notifying Patients of Insider-Wrongdoing The Ohio foundation is notifying approximately 7,000 patients that a former employee accessed their records without business need. HOYA Optical Labs of America Notifying Patients of Ransomware Incident As first reported by HealthITSecurity, the Japanese-headquartered firm notified 3,259 U.S. patients of a ransomware incident. The incident occurred in…