Sarah Motter reports: A data breach at a Blue Cross Blue Shield subcontractor has left about 2,800 members at risk, however, the company has taken steps to ensure their information stays secure. Blue Cross and Blue Shield of Kansas says on Thursday, March 24, it was recently notified of a data breach that happened several months…
Category: Hack
Cybercriminal Connected to Multimillion Dollar Ransomware Attacks Sentenced for Online Fraud Schemes
An Estonian man was sentenced today to 66 months in prison for his years-long role in furthering and facilitating computer intrusions, the movement of fraudulently obtained goods and funds, and the monetization of stolen financial account information. He also participated in ransomware attacks causing over $53 million in losses and was ordered to pay over…
Four Russian Government Employees Charged in Two Historical Hacking Campaigns Targeting Critical Infrastructure Worldwide
The Department of Justice unsealed two indictments today charging four defendants, all Russian nationals who worked for the Russian government, with attempting, supporting and conducting computer intrusions that together, in two separate conspiracies, targeted the global energy sector between 2012 and 2018. In total, these hacking campaigns targeted thousands of computers, at hundreds of companies…
London police make arrests related to Lapsus$
BBC reports: A 16-year-old from Oxford has been accused of being one of the leaders of cyber-crime gang Lapsus$. The teenager, who is alleged to have amassed a $14m (£10.6m) fortune from hacking, has been named by rival hackers and researchers. City of London Police say they have arrested seven teenagers in relation to the…
Okta’s response to Lapsus$’s claimed hack has people asking, “Why didn’t you tell us in January?”
Yesterday was not a great day for Okta. Their CSO, David Bradbury, issued a statement responding to Lapsus$’s claimed hack, but his statement led to a counter-response by Lapsus$ and even more critically, perhaps, people started asking why, if Okta knew about something in January, they had not disclosed it then. First, here’s Bradbury’s statement:…
Microsoft confirms they were hacked by Lapsus$ extortion group
Lawrence Abrams reports: In a new blog post published tonight, Microsoft has confirmed that one of their employee’s accounts was compromised by Lapsus$, providing limited access to source code repositories. “No customer code or data was involved in the observed activities. Our investigation has found a single account had been compromised, granting limited access. Our…