The ransomware gang known as Clop created massive headaches for numerous entities with attacks involving the exploitation of vulnerabilities in file transfer software. Since December 2020, the same gang exploited vulnerabilities in Accellion, Fortra’s GoAnywhere software, and Progress Software’s MOVEit software. Christopher Brown reports a litigation update in cases stemming from the GoAnywhere breach disclosed…
Category: Hack
Two hosting companies in Romania had what appear to be unrelated breaches. Did either one ever issue a public notice? (2)
In April 2023, DataBreaches reported on an alleged incident involving TIC Hosting in Romania. No one from TIC Hosting ever responded to inquiries from this site, and inquiries to the data protection regulator for the country indicated that TIC Hosting had never reported any data protection incident to them. And that seemed to be the…
Millions at risk of fraud after massive health data hack in France
Richard Henshell reports: Millions of people are at risk of fraud after a data breach at a company that manages the third-party payments for 84 top-up insurance providers. Viamedis, whose systems the third-party payments for over 20 million people, announced the data breach on February 2. Its clients include Carte Blanche Partenaires, Itelis, Kalixia and…
Canada’s most prolific hacker is expected to make full restitution
Gary Dimmock reports: It’s not every day that fraud victims get their money back. But Canada’s most prolific hacker, who launched ransomware attacks from his Ottawa home that left some targets in financial ruin, will be making full restitution. Matthew Philbert, 33, pleaded guilty to years of cyber attacks and was recently sentenced to two…
Was BrightStar Care attacked by two different groups — or was there only one breach?
On January 24, DataBreaches was contacted by a spokesperson for AlphV (“BlackCat”) to see if this site would be interested in reporting on a breach involving BrightStar Care (“BrightStar”). BrightStar had been added to their dark web leak site that day but without any proof of claim. The spokesperson was offering to show DataBreaches data…
Cloudflare hacked using auth tokens stolen in Okta attack
Sergiu Gatlan reports: Cloudflare disclosed today that its internal Atlassian server was breached by a suspected ‘nation state attacker’ who accessed its Confluence wiki, Jira bug database, and Bitbucket source code management system. The threat actor first gained access to Cloudflare’s self-hosted Atlassian server on November 14 and then accessed the company’s Confluence and Jira…