Catalin Cimpanu reports: Malaysian officials announced on Thursday the arrest of 11 suspects believed to be part of a hacktivist group that defaced government websites during late January. The group, calling itself Anonymous Malaysia, defaced 17 websites for local governments and universities, according to posts they made on a Facebook page earlier this month. Read more on ZDNet….
Category: Government Sector
Update to Chatham County ransomware attack
There’s an update to a previously reported ransomware attack by DoppelPaymer threat actors on Chatham County, North Carolina. Read the update in Courier-Tribune. They report that the ransomware entered the county network through a phishing email with a malicious attachment. In related news, the News & Observer reports that the ransom demand had been worth…
Yuba County was the subject of a ransomware cyber attack
David Wilson reports: Yuba County was recently the subject of a ransomware cyber-attack, which infected some of the county computer systems with malware, according to county spokesperson Russ Brown. The malware encrypted the affected systems and the attacker demanded payment from the county in order to obtain a decryption key. The county did not make…
Norwegian DPA issues fine to Municipality of Indre Østfold
As seen on the European Data Protection Board (EDPB): The Norwegian Data Protection Authority has fined the Municipality of Indre Østfold EUR 20 000 (NOK 200,000) for a confidentiality violation. Personal data that should have been restricted was available to unauthorized persons. The Municipality of Indre Østfold, formerly the Municipality of Askim, published the records…
Unsecured: Jamaica’s immigration website exposed thousands of travelers’ data
Zack Whittaker reports: A security lapse by a Jamaican government contractor has exposed immigration records and COVID-19 test results for hundreds of thousands of travelers who visited the island over the past year. The Jamaican government contracted Amber Group to build the JamCOVID19 website and app, which the government uses to publish daily coronavirus figures and allows…
UPDATED: California DMV halts data transfers with third-party company after Automatic Funds Transfer Services security breach
Update: As BleepingComputer reports, the AFTS attack appears to be the work of the Cuba ransomware threat actor(s) who claim to have exfiltrated “Financial documents, correspondence with bank employees, account movements, balance sheets, tax documents.” They offer to sell the data on their dedicated leak site on the dark web, but do not list any…