Connor Jones reports: UK Government has confirmed a cyberattack on the payroll system used by the Ministry of Defence (MoD) led to “malign” forces accessing data on current and a limited number of former armed forces personnel. There is no evidence to suggest that the criminals who broke into the systems actually removed any data,…
Category: Hack
One year on, University System of Georgia admits MOVEit attack hit data of 800k people
Connor Jones reports: Just short of a year after the initial incident, the state of Georgia’s higher education government agency has confirmed that it was the victim of an attack on its systems affecting the data of 800,000 people. University System of Georgia (USG), which oversees 26 higher education institutions in the state, filed a disclosure with…
Fred Hutch notifies more patients of November 2023 attack (1)
In December 2023, UW’s Fred Hutchinson Cancer Center (“Fred Hutch”) reported a November cyberattack that involved the exfiltration of patient data and attempted extortion of patients. DataBreaches contacted Fred Hutch on December 8 to ask whether the attackers had encrypted their files and whether they had negotiated with the threat actors. They did not reply….
Years later, Marriott admits data were not encrypted before its 2018 data breach. Now what?
What might happen to a company that has been making false claims about its system security for more than five years after experiencing a massive data breach? Will state attorneys general, the SEC, and the FTC investigate and possibly penalize them for a significant misrepresentation to consumers and regulators? CSO Online has a significant update…
Germany summons Russian envoy over Fancy Bears cyberattack
DW reports: Germany accused Russia’s military intelligence service, the GRU, on Friday of being behind a 2023 cyberattack that targeted the Social Democrats (SPD). NATO member Germany has been among the Western nations providing military support to Ukraine as it fights a Russian invasion and there have also been recent accusations of increased espionage. In June 2023, the SPD announced that cybercriminals had…
Oregon DMV sued over 2023 MOVEit data breach
In June 2023, DataBreaches reported that the Oregon Department of Motor Vehicles (DMV) had become a victim of the MOVEit breach by Clop. The DMV reported that 3.5 million drivers may have been affected. At the time, the state issued a statement saying, in part: We do not have the ability to identify if any…