Catalin Cimpanu reports: More than 2,000 Magento online stores have been hacked over the weekend in what security researchers have described as the “largest campaign ever.” The attacks were a typical Magecart scheme where hackers breached sites and then planted malicious scripts inside the stores’ source code, code that logged payment card details that shoppers…
Category: Of Note
Interim Report on the Blackbaud Breach: 3.4 Million Patients and Counting
The Blackbaud ransomware incident disclosed on July 16 will likely end up being the largest or one of the largest breaches of the year involving patient information. I’ve been reading disclosures from dozens of entities and have compiled a list of those Blackbaud clients whose disclosures state or suggest that Blackbaud had been storing some…
Secure Data Technologies Sues Ex-Employee for Breach of Contract
Christina Tabacco reports: On Thursday, Secure Data Technologies, Inc. sued a former employee for hacking the company’s email system and removing confidential and proprietary information. The Eastern District of Missouri lawsuit states seven claims for relief under various Missouri and Illinois business tort and computer fraud statutes. According to the filing, Secure Data is an Illinois corporation,…
CNN-News18 allegedly hacked to deny PayTM hack claims
What a weird story about the lengths some folks will go to to deny that they were responsible for a hack. Ax Sharma reports: A hacker group that goes by the names “John Wick” and “Korean Hackers” have provided BleepingComputer with information on the hacking of the Indian Prime Minister’s Twitter account and the online systems of popular Indian news…
Russian National Indicted for Conspiracy to Introduce Malware into a Computer Network
One of the big stories this week concerned a failed attempt to bribe a Tesla employee to inject malware into Tesla’s system. The attempt failed because the employee reported what was going on. From the U.S. Department of Justice: A federal grand jury in the District of Nevada returned an indictment today charging a Russian…
FBI issues second alert about ProLock ransomware stealing data
Sergiu Gatlan reports: The FBI issued a second warning this week to alert US companies of ProLock ransomware operators stealing data from compromised networks before encrypting their victims’ systems. The 20200901-001 Private Industry Notification seen by BleepingComputer on September 1st comes after the MI-000125-MW Flash Alert on the same subject issued by the FBI four months ago, on…