Ax Sharma reports a settlement in litigation over a breach that was disclosed in 2019 but presumably began in 2010. Dominion National, Virginia-based insurance provider of dental and vision health benefits has reached settlement in the class action lawsuit concerning the decade-old data breach that exposed sensitive customer information of over 2.9 million patients. Although…
Category: Hack
FBI, NSA: Russian military cyber-unit behind large-scale brute-force attacks
Catalin Cimpanu reports: US and UK cybersecurity agencies said today that a Russian military cyber unit has been behind a series of brute-force attacks that have targeted the cloud IT resources of government and private sector companies across the world. The attacks have been linked to a hacking group tracked as APT28, or Fancy Bear, in a…
IA: Peoples Community Health Clinic notifying patients after discovering compromise of employee email account
Peoples Community Health Clinic in Iowa has been notifying some patients as a result of an employee’s email account being compromised. As explained in their press release*, on March 22, 2021, PCHC became aware of suspicious activity related to an employee’s email account. An investigation revealed that between March 18, 2021 and March 22, 2021,…
Facebook sues four Vietnamese nationals for hijacking accounts
Catalin Cimpanu reports: Social networking giant Facebook has filed two lawsuits today against two suspected criminal groups that abused its advertising platform for their own gains. The first lawsuit was filed against four Vietnamese nationals for hijacking user accounts and the second against a US company for running an e-commerce bait-and-switch scam. Read more on…
Russian Hackers Mounted Cyber Attack on German Banks, Bild Says
Patrick Donahue and Jake Rudnitsky report: A hacker group linked to the Russian state known as “Fancy Bear” conducted a cyber attack on critical German infrastructure and the country’s banking system in the past few days, Bild newspaper reported, citing unidentified Western intelligence sources. A spokesman for Germany’s BSI Federal Cyber Security Authority said the agency has…
Hackers use zero-day to mass-wipe My Book Live devices
Lawrence Abrams reports that preliminary reports attributing a mass-wipe to a CVE from 2018 were not quite the whole story. Western Digital had originally told BleepingComputer that the attacks were being conducted through a 2018 vulnerability tracked as CVE-2018-18472, which was not fixed as the device has been out of support since 2015. It turns out that…