Catalin Cimpanu reports: Hackers have used a two-year-old vulnerability in a software package used by remote IT support firms to gain a foothold on vulnerable networks and deploy the GandCrab ransomware on those companies’ customer workstations. At least one company has been hit already, according to a report on Reddit, confirmed by cyber-security firm Huntress…
Category: Of Note
Game of Thrones hacker worked with US defector to hack Air Force employees for Iran
Catalin Cimpanu reports: The US Department of Justice unsealed today espionage-related charges against a former US Air Force service member who defected to Iran and helped the country’s hackers target her former Air Force colleagues. Besides charges and an arrest warrant issued in the name of the former USAF service member, the DOJ also indicted…
2019 Data Breach Barometer Report Shows Massive Increase in Exposed Healthcare Records
HIPAA Journal reports: Protenus has released its 2019 Breach Barometer report: An analysis of healthcare data breaches reported in 2018. The data for the report came from Databreaches.net, which tracks data breaches reported in the media as well as breach notifications sent to the Department of Health and Human Services’ Office for Civil Rights and…
A Closer Look: SEC’s Edgar Hacking Case
Craig A. Newman writes: Last month, the U.S. Securities and Exchange Commission charged nine defendants with hacking into the agency’s EDGAR system – the online platform used by public companies for making their public filings – and stealing material nonpublic information to use for illegal trading purposes. While the charges are new, the insider trading…
Fla. Courts Require Actual Injury to Demonstrate Standing in Data Breach Cases
Nicole Rekant and Stevan Pardo write: The proliferation of data breach cases in Florida courts has focused on Article III standing. To meet the pleading standard under Article III, a plaintiff must allege sufficient facts to show the injury-in-fact is concrete, particularized, actual, and imminent, not conjectural or hypothetical. An allegation of imminent injury may suffice…
620 million accounts stolen from 16 hacked websites now for sale on dark web, seller boasts
Chris Williams reports: Some 617 million online account details stolen from 16 hacked websites are on sale from today on the dark web, according to the data trove’s seller. For less than $20,000 in Bitcoin, it is claimed, the following pilfered account databases can be purchased from the Dream Market cyber-souk, located in the Tor…