by Craig Silverman, ProPublica This story was originally published by ProPublica. ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for The Big Story newsletter to receive stories like this one in your inbox. Series: Zero Trust: Inside Microsoft’s Cybersecurity Failures Investigating how the world’s largest software provider handles the security of its own ubiquitous…
Category: Government Sector
CloudSorcerer hackers abuse cloud services to steal Russian govt data
Bill Toulas reports: A new advanced persistent threat (APT) group named CloudSorcerer abuses public cloud services to steal data from Russian government organizations in cyberespionage attacks. Kaspersky security researchers discovered the cyberespionage group in May 2024. They report that CloudSorcerer uses custom malware that uses legitimate cloud services for command and control (C2) operations and data storage….
Ph: 42 million people possibly affected by 2023 Philippine Health Insurance cyberattack
Vivienne Gulla reports: The records of around 42 million individuals are possibly affected by the 2023 data breach on Philippine Health Insurance Corporation (PhilHealth), according to the National Privacy Commission (NPC). NPC’s Maria Theresita Patula issued the statement during Monday’s oversight hearing of the House Committee on Appropriations regarding the budget of PhilHealth and the…
Personal and health info leaked from Florida Department of Health
As an update to the Florida Department of Health ransomware attack reported yesterday: On July 2, threat actors known as Ransom Hub had claimed to have exfiltrated 100 GB of files from the state agency. They threatened to leak it if the state did not pay their demands, but Florida law prohibits state agencies from…
Cyber Attack May Have Exposed Alabama Student, Teacher Data
Rebecca Griesbach reports: The Alabama State Department of Education experienced a data breach in June that may have compromised some student and employee data, officials announced Wednesday. On June 17, information system staff interrupted and stopped an attack on the department’s computer system before hackers could fully access the system or lock it, according to…
Ransomware group who hit Indonesian government apologizes, hands over encryption key
Laura Dobberstein reports: Brain Cipher, the group responsible for hacking into Indonesia’s Temporary National Data Center (PDNS) and disrupting the country’s services, has seemingly apologized for its actions and released an encryption key to the government. That key was in the form of an 54 kb ESXi file. Its efficacy has not yet been confirmed….