Troy Hunt writes: A quick summary first before the details: This week, the FBI in cooperation with international law enforcement partners took down a notorious marketplace trading in stolen identity data in an effort they’ve named “Operation Cookie Monster”. They’ve provided millions of impacted email addresses and passwords to Have I Been Pwned (HIBP) so…
Category: Of Note
Japan braced for rise in ransomware attacks after data breach
Leo Lewis and Kana Inagaki report: A hacking attack at Japan’s largest IT company is spilling across the country’s corporate sector, with cyber security experts warning that it could trigger a surge in attempts by organised criminal gangs to extort hefty ransoms from companies and their customers. More than 10 Japanese companies have said in…
HIPAA Data Breach Costs Company Nearly $300,000 In DOJ False Claims Act Settlement
Stacy L. Cook and Iqra Mushtaq of Barnes & Thornburg LLP write: On March 14, 2023, the U.S. Department of Justice (DOJ) announced the settlement of a case involving alleged violations of the False Claims Act (FCA) as a result of cybersecurity failures and breach of HIPAA-protected health information. Obtained under the Civil Cyber-Fraud Initiative, this settlement emphasizes…
“Operation Cookie Monster” takes down Genesis Market
Brian Krebs reports: Several domain names tied to Genesis Market, a bustling cybercrime store that sold access to passwords and other data stolen from millions of computers infected with malicious software, were seized by the Federal Bureau of Investigation (FBI) today. Sources tell KrebsOnsecurity the domain seizures coincided with “dozens” of arrests in the United…
Unpacking the Structure of Modern Cybercrime Organizations
David Sancho, Mayra Rosario Fuentes report: The last 20 years have seen the cyberthreat landscape transform markedly: From an era of cyberattacks with damaging payloads, the cybercrime space has evolved to one where malicious actors have organized themselves into groups, mainly driven by financial gain. Consequently, organizations now contend with a new breed of cybercriminals…
Developing: Stormous claims to have attacked hospital; apologizes minutes later, pledges to undo damage, and seeks forgiveness (Update1: was this a scam?)
Stormous Ransomware added Cameron Memorial Community Hospital in Indiana to their leak site today and posted a pointer to it on their Telegram channel. Then they appeared to regret their actions, posting the following only minutes later: We are writing to express our sincerest apologies for the recent ransomware attack on hospital IT systems. We…