Remember last year when we were all reporting on how Conti had crippled Costa Rica with a ransomware attack and was suggesting the people overthrow the government to get one in place that would pay them? What if that was actually what Conti was trying to test on behalf of Russia or other powers —…
Category: Commentaries and Analyses
You’ve patched right? ‘340K+ Fortinet firewalls’ wide open to critical security bug
Jessica Lyons Hardcastle reports: More than 338,000 FortiGate firewalls are still unpatched and vulnerable to CVE-2023-27997, a critical bug Fortinet fixed last month that’s being exploited in the wild. This is according to infosec outfit Bishop Fox, which has developed an example exploit for achieving remote code execution via the hole. Successful exploitation of the…
ARx Patient Solutions and ARx Patient Solutions Pharmacy notify patients of a March, 2022 breach
ARx Patient Solutions and its affiliate pharmacy, ARx Patient Solutions Pharmacy, have issued a press release about a data breach affecting patient data. Their notice states, “It was determined that in March 2022, an employee email account was compromised and accessed by an unauthorized third party.” The types of patient information that may have been…
Breach Victims Have Standing When Data Misused, 1st Circuit Says
Christopher Brown reports: A data-breach victim whose personal information was subject to actual misuse has standing to sue the entity that suffered the breach, a federal appeals court said. Plaintiff Alexsis Webb plausibly alleged an injury-in-fact sufficient to confer standing to sue Injured Workers Pharmacy Inc. based on her allegation that information stolen from the…
I had been chatting with a blackhat. They had been working with a whitehat. We were both dealing with the same person.
On April 18, DataBreaches reported that more details had emerged on the arrest of three men by Dutch police in January. The three were suspected of hacking and extorting victims in the Netherlands and elsewhere, obtaining and selling data online, and money laundering. A fourth person linked to the suspects known as “DataBox” had previously…
Costs of some 2022 ransomware attacks: Whitworth University hit with federal lawsuit, Little Rock School District tallies its costs
Whitworth University may start experiencing more legal costs stemming from a ransomware attack in 2022. Kip Hill reports: A Whitworth University student is asking a federal judge to approve a class action against the school for damages stemming from a ransomware attack discovered in July 2022 that affected more than 65,500 people. The lawsuit, filed…