Leo Lewis and Kana Inagaki report: A hacking attack at Japan’s largest IT company is spilling across the country’s corporate sector, with cyber security experts warning that it could trigger a surge in attempts by organised criminal gangs to extort hefty ransoms from companies and their customers. More than 10 Japanese companies have said in…
Category: Of Note
HIPAA Data Breach Costs Company Nearly $300,000 In DOJ False Claims Act Settlement
Stacy L. Cook and Iqra Mushtaq of Barnes & Thornburg LLP write: On March 14, 2023, the U.S. Department of Justice (DOJ) announced the settlement of a case involving alleged violations of the False Claims Act (FCA) as a result of cybersecurity failures and breach of HIPAA-protected health information. Obtained under the Civil Cyber-Fraud Initiative, this settlement emphasizes…
“Operation Cookie Monster” takes down Genesis Market
Brian Krebs reports: Several domain names tied to Genesis Market, a bustling cybercrime store that sold access to passwords and other data stolen from millions of computers infected with malicious software, were seized by the Federal Bureau of Investigation (FBI) today. Sources tell KrebsOnsecurity the domain seizures coincided with “dozens” of arrests in the United…
Unpacking the Structure of Modern Cybercrime Organizations
David Sancho, Mayra Rosario Fuentes report: The last 20 years have seen the cyberthreat landscape transform markedly: From an era of cyberattacks with damaging payloads, the cybercrime space has evolved to one where malicious actors have organized themselves into groups, mainly driven by financial gain. Consequently, organizations now contend with a new breed of cybercriminals…
Developing: Stormous claims to have attacked hospital; apologizes minutes later, pledges to undo damage, and seeks forgiveness (Update1: was this a scam?)
Stormous Ransomware added Cameron Memorial Community Hospital in Indiana to their leak site today and posted a pointer to it on their Telegram channel. Then they appeared to regret their actions, posting the following only minutes later: We are writing to express our sincerest apologies for the recent ransomware attack on hospital IT systems. We…
Fake ransomware gang targets U.S. orgs with empty data leak threats
Ionut Ilascu reports: Fake extortionists are piggybacking on data breaches and ransomware incidents, threatening U.S. companies with publishing or selling allegedly stolen data unless they get paid. Sometimes the actors add the menace of a distributed denial-of-service (DDoS) attack if the message recipient does not comply with the instructions in the message. Read more about…