In August, threat actors calling themselves AvosLocker announced that they had attacked Moorfields NHS UK & Dubai. DataBreaches.net’s investigation at that point indicated that the data they provided as proof came from the Dubai hospital and did not involve any UK personnel or patients. In a statement to this site, Moorfields confirmed that there had…
Category: Non-U.S.
Fujitsu confirms stolen data not connected to cyberattack on its systems
Jonathan Greig reports: Fujitsu has confirmed that data being marketed by cybercriminals is not related to any cyberattack on its systems. Criminal marketplace Marketo claimed to have 4GB of data from Fujitsu last month and began marketing it widely. […] Marketo has also changed its tune, now writing that the stolen data is entirely from Japanese manufacturing…
New .avos2 variant: AvosLocker affiliate extorts $ 85k from victim thanks to old vulnerability in FortiGate VPN
Marco A. De Felice reports: An affiliate of the AvosLocker ransomware group extorts $ 85,000 in bitcoin from a company thanks to a known vulnerability in FortiGate VPN ( CVE-2018-13379 ). A vulnerability that the American multinational had corrected THANKS TO AN UPDATE released IN NOVEMBER 2019 . Those who have not updated their systems are a small company that…
Th: Hospital hack prompts call for cooperation
Wassayos Ngamkham has some interesting follow-up reporting on the recent attack on Phetchabun Hospital. That hospital and Bhumirajanagarindra Kidney Institute Hospital, both in Thailand, have been recently attacked, with the latter attack interfering with patient services. The Cyber Crime Investigation Bureau (CCIB)’s preliminary investigation reportedly: showed that a group of Indian hackers was behind the…
Sg: MyRepublic data breach: 80,000 mobile users’ personal data exposed
Yahoo! reports: The personal data of about 80,000 MyRepublic mobile subscribers was accessed without authorisation last month. The telco said in a media release on Friday (10 September) that the breach took place on 29 August on a third-party data storage platform used to store the personal data of its mobile customers. Investigations showed that…
Za: Justice Department victim of latest security breach
First it was South Africa’s Space Agency that was attacked. Now it’s their justice department. Dan Meyer reports: The Department of Justice and Constitutional Development has confirmed that it has become the victim of a malicious cyber security hack, with all electronic services provided by the Department – including the issuing of letters of authority,…