Sam Lewis reports: It has been revealed that high-end British jeweller Graff paid out a ransom fee topping £6 million in a well-publicised cyber attack last year. It emerged in November 2021 that Graff had been the target of Russian hackers who had gained possession of data pertaining to many of Graff’s high-profile customers. The incident is…
Category: Malware
More details emerge on Professional Finance Company ransomware incident, but questions remain
A ransomware attack on Professional Finance Company (PFC) has some of us who track breaches in the healthcare sector wondering how large this breach will be. The last time we saw a big breach involving a collection agency was in 2019. The American Medical Collection Agency filed for bankruptcy pretty quickly and the total number…
Recent Security Incident: Statement from SHI
Over the Fourth of July holiday weekend, SHI was the target of a coordinated and professional malware attack. Thanks to the quick reactions of the security and IT teams at SHI, the incident was swiftly identified and measures were enacted to minimize the impact on SHI’s systems and operations. These preventative measures included taking some…
North Korea is targeting hospitals with ransomware, U.S. agencies warn
Kevin Collier reports: The U.S. government said Wednesday that North Korea is behind a recent strain of ransomware cyberattacks on hospitals and other health care facilities. The warning is the starkest alert to date that North Korea, which the U.S. has long alleged uses its hackers to raise money for state programs like its nuclear weapons…
NPM supply-chain attack impacts hundreds of websites and apps
Sergiu Gatlan reports: An NPM supply-chain attack dating back to December 2021 used dozens of malicious NPM modules containing obfuscated Javascript code to compromise hundreds of downstream desktop apps and websites. As researchers at supply chain security firm ReversingLabs discovered, the threat actors behind this campaign (known as IconBurst) used typosquatting to infect developers looking for very popular…
Claire’s data breach $350K class action settlement
Top Class Actions reports that there is a settlement in litigation stemming from a data breach involving customer information in a 2020 breach that affected some customers of Claire’s accessories stores. For approximately two months in 2020, malware compromised payments made on the retailer’s website. The case is Julia Rossi, et al v. Claire’s Stores,…