Adi Bleih reports: The Akira ransomware group has been active since March 2023, targeting diverse industries across North America, the UK, and Australia. Operating as a Ransomware-as-a-Service (RaaS) model, Akira employs a double-extortion strategy by stealing sensitive data before encrypting it. According to their leak site, the group claims to have compromised over 350 organizations….
Category: Malware
Phobos Ransomware Administrator Extradited from South Korea to Face Cybercrime Charges
Russian National Alleged to Have Coordinated Sale, Distribution, and Operation of Phobos Ransomware as Part of International Hacking and Extortion Conspiracy The Justice Department unsealed criminal charges today against Evgenii Ptitsyn, 42, a Russian national, for allegedly administering the sale, distribution, and operation of Phobos ransomware. Ptitsyn made his initial appearance in the U.S. District Court for…
NY: Equinox notifies clients and employees of April data security incident
On November 15, Equinox notified clients and staff members about what they described as a data security incident on April 29. With a little digging, DataBreaches realized that it was an attack by LockBit3.0. Equinox is a human services organization that serves clients in the capital region of New York State, providing services to 3,500…
Attorney General James Secures $250,000 from Movie Theater Operator for Failing to Protect Employees’ Personal Information
NEW YORK – New York Attorney General Letitia James today secured $250,000 from a global movie theater operator, National Amusements, Inc. (National Amusements), that operates movie theaters in the Bronx and on Long Island for failing to protect their former and current employees and contractors’ personal information. An investigation by the Office of the Attorney General…
Patients at center of data breach case win $65M settlement against Lehigh Valley Health Network
Nicole Leonard reports: A Pennsylvania judge has cleared the way for a $65 million settlement with Lehigh Valley Health Network in a data breach case that involved stolen medical records and nude photos of cancer patients, taken during exams, posted on the dark web by a Russian cybergang. At a hearing Friday in Lackawanna County Court, Senior…
Hackers now sending physical malicious letters, Swiss authorities warn
Ernestas Naprys reports: Is there anything threat actors won’t do to gain initial access? Swiss authorities are warning about a new sophisticated cybersecurity threat – malicious counterfeit letters. Cyber bandits have launched a malicious campaign across Switzerland using counterfeit letters that appear to be from MeteoSwiss (the Federal Office of Meteorology and Climatology). The victims…