Executive Summary Beginning in late 2021 and continuing late into 2022, a globally active, extortion-focused cyber threat actor group attacked dozens of well-known companies and government agencies around the world. It penetrated corporate networks, stole source code, demanded payments while rarely following up, lodged political messages in shadowy online forums, and swiftly moved on to…
Category: Hack
Nova Scotia government still unsure of widespread impact from spring cyberattack
Jonathan MacInnis reports: The province of Nova Scotia is still unsure of how widespread the MOVEit security breach is, nearly two-and-a-half months after first becoming aware of the issue. Almost 1000 notifications have been sent out this month. “As you start getting into forensics you can find out that that trail can lead back a…
Russia ‘prime suspect’ in cyber attack which saw names and addresses of 40M UK voters exposed – reports
Imogen Howse reports: Russia is suspected to have been behind a cyber attack which exposed the data of tens of millions of voters in the UK, raising fears it was an attempt to undermine democracy. The Electoral Commission admitted on Tuesday (8 August) that hackers had been able to access reference copies of electoral registers from between the years…
Husband and Wife Plead Guilty to Money Laundering Conspiracy Involving the Hack and Theft of Billions in Cryptocurrency
There’s an update to the case involving the arrest of a married couple charged with laundering $4.5 billion in cryptocurrency stolen from Bitifinex in 2016. Ilya Lichtenstein, 35, and Heather Morgan, 33, from New York City pleaded guilty today to money laundering conspiracies arising from the hack and theft of approximately 120,000 bitcoin from Bitfinex,…
SolarWinds’ $26 Million Deal in Russian-Hack Suit Gets Final Nod
Christopher Brown reports: SolarWinds Corp. will pay $26 million to settle an investor suit alleging it failed to disclose security vulnerabilities before a massive cyberattack, under an agreement given final approval by a federal court. Investors alleged the technology company misled them about its security practices before announcing a suspected Russian hack in late 2020, causing the…
Centers for Medicare and Medicaid notifying 645,000 Medicare members about MOVEit breach (UPDATED)
Update: This incident was reported to HHS as affecting 1,362,470 patients. The Centers for Medicare and Medicaid (CMS) has posted a notice on its site about a data breach at one of its contractors, Maximus Federal Services, Inc. Maximus was one of hundreds of victims of a 0day attack on MOVEit file transfer software by the…