Sergiu Gatlan reports: Web hosting giant GoDaddy says it suffered a breach where unknown attackers have stolen source code and installed malware on its servers after breaching its cPanel shared hosting environment in a multi-year attack. While GoDaddy discovered the security breach in early December 2022 following customer reports that their sites were being used…
Category: Malware
Update to the Des Moines Public School ransomware attack
For some students in Des Moines, Iowa, the return to school after the winter holidays was soon interrupted by a cyberattack that resulted in classes being canceled. But as classes continued to be canceled, it became clearer that restoration and recovery would not be quick. By January 11, two days after the announcement of school…
$150 million: the cost of a cyberattack?
The cyberattack reported by CommonSpirit last year has reportedly cost the firm $150 million already. From their unaudited quarterly report: The Cyber security Incident has had an estimated adverse financial impact of approximately $150 million to date, which includes lost revenues from the associated business interruption, the costs incurred to remediate the issues and other…
Bits ‘n Pieces (Trozos y Piezas)
ES: Cosmetics firm added by LockBit Skin and hair products firm Montibello has been added by LockBit3.0 to their leaks page. The listing was added on February 14th but without any filetree or proof. DataBreaches emailed Montibello to see if they would confirm or deny an attack but received no reply. There is nothing on…
MKS Instruments’ breach notification includes a surprising statement to reassure those affected
Well, this is a bit different. On February 13, MKS Instruments in Massachusetts (the U.S. parent company of the MKS and Atotech group of companies) became aware of a ransomware event. By February 16, they issued a notification letter to former and current employees who may have been affected. Their notification informed employees that, “While…
Update: Wawasee Community School Corporation victim of BlackCat attack
The Wawasee Community School Corporation in Indiana was reportedly the victim of a cyberattack by BlackCat. The threat actors have now leaked what they claim are 9.78 GB of files on their leak site because Wawasee did not pay their demands. Perhaps luckily for Wawasee, the download link is not working at this time. There…