January 30, 2018 Incidents of cyber extortion have risen steadily over the past couple of years and, by many estimates, will continue to be a major source of disruption for many organizations. Cyber extortion can take many forms, but it typically involves cybercriminals’ demanding money to stop (or in some cases, to merely delay) their…
Category: Of Note
Hacking and phishing accounted for 75% of breaches reported to North Carolina in 2017
North Carolina issued a Security Breach Report for 2017. From the Executive Summary: This report provides a summary and discussion of the 1,022 data breaches reported to the North Carolina Department of Justice (NCDOJ) between January 1, 2017 and December 31, 2017. Under North Carolina law, businesses and state and local governments are required to…
Bill updates Iowa’s data security protections
Erin Jordan reports: Data security breaches at big corporations, including Equifax and Target, spurred the Iowa Attorney General’s Office to seek changes to Iowa law to further protect consumers. House Study Bill 526, discussed in a Judiciary subcommittee Tuesday, would update Iowa’s data breach notification act, which requires businesses, nonprofits and other entities hit by…
The 2018 W-2 Phishing/BEC Victims List
As this site has done in 2016 and 2017, DataBreaches.net will maintain a list of entities that disclose that they have become victims of a W-2 phishing or business email compromise (BEC) attack. For 2016, we compiled 175 incidents (although some of them didn’t become public knowledge until 2017), and for 2017, we had 204 incidents…
Coincheck hacked in ¥58 billion cryptocurrency heist, four years after Mt. Gox
Kazuaki Nagata reports: Echoing the Mt. Gox fiasco nearly four years ago, Tokyo-based cryptocurrency exchange Coincheck disclosed Friday it had been hacked and lost about ¥58 billion ($532 million) worth of its holdings, sending clients into a panic about the fate of their virtual assets. If confirmed, the heist would surpass the ¥48 billion ($390…
Allscripts Hit with Class-Action Complaint After Ransomware Attack
Can’t say that I’m surprised, not after reading that practices were having to turn patients away because they couldn’t access their patient records or billing records. Rajiv Leventhal reports that a class action complaint has been filed against Allscripts: It was just last week when electronic health record (EHR) vendor Allscripts suffered a ransomware attack…