There are some data leaks that make you shake your head and wonder about how a firm responded to a ransomware attack. This is one of them. Cadre Services (previously known as Premier Staffing) is a Wisconsin-based company providing employment and staffing services for office professionals. They have been in business since 1994. In a…
Category: Commentaries and Analyses
Inmediata settles multi-state litigation for $1.14 million; will improve data security and breach notification practices
Indiana Attorney General Rokita led a coalition of 33 attorneys general in a multi-state investigation and litigation against health care clearinghouse Imnediata stemming from a breach disclosed in 2019. Background In January 2019, HHS OCR alerted Inmediata that protected health information (PHI) maintained by Inmediata was available online and had been indexed by search engines….
CISA Advisory: Threat Actors Exploit Atlassian Confluence CVE-2023-22515 for Initial Access to Networks
Alert Code: AA23-289A October 16, 2023 Source: https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-289a SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint Cybersecurity Advisory (CSA) in response to the active exploitation of CVE-2023-22515. This recently disclosed vulnerability affects certain versions of Atlassian Confluence Data…
CISA shares vulnerabilities, misconfigs used by ransomware gangs
Sergiu Gatlan reports: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has unveiled additional details regarding misconfigurations and security vulnerabilities exploited by ransomware gangs, aiming to help critical infrastructure organizations thwart their attacks. CISA released this information as part of its Ransomware Vulnerability Warning Pilot (RVWP) program, established in January of this year, when it announced that…
Colonial Pipeline was hacked. No, wait, Accenture was hacked. No, wait….. untangling claims. (2)
By, now, there’s been a lot of buzz by some claims made by RansomedVC on their leak site and on their Telegram channel. In their post this afternoon, RansomedVC claimed that (1) Rob Lee of Dragos somehow cheated someone called “fooble,” and as a result, (2) RansomedVC was going to leak files that Lee had…
Equifax’s U.K. Arm Fined Over 2017 Data Breach
Margot Patrick reports: Equifax’s (EFX) U.K. arm was fined around $13.6 million Friday for failing to protect the data of millions of British customers in a 2017 hack of the credit-reporting company. The British arm outsourced customer-data processing to the U.S., and then failed to manage or monitor data security, the Financial Conduct Authority said. Read…