The first time DataBreaches remembers hearing about the man who calls himself “USDoD” was when he posted a sales listing for member data from InfraGard. He had not only managed to acquire data on 80,000 members of an organization dedicated to protecting critical infrastructure, but his revelation of his method exposed some embarrassingly inept security…
Category: Of Note
Au: Federal government could pay millions in compensation over asylum seeker data breach
Ben Doherty reports: The Australian government may be liable for tens of millions of dollars in compensation to asylum seekers after it posted their personal details online while they were in immigration detention. The mass data breach, discovered by Guardian Australia in 2014, resulted in information being used, in some cases, to allegedly threaten asylum seekers, or…
AlphV responds to MGM incident and sloppy reporting
AlphV has posted a statement about their attack on MGM Resorts. They also post some scathing criticisms of journalists and news outlets for reporting inaccurately and not verifying sources. Of note, their statement also asserts, “The ALPHV ransomware group has not before privately or publicly claimed responsibility for an attack before this point. Rumors were…
IOCTA spotlight report on malware-based cyber-attacks published
Following the Internet Organised Crime Assessment (IOCTA) 2023, today Europol published the spotlight report “Cyber Attacks: The Apex of Crime-as-a-Service”. It examines developments in cyber-attacks, discussing new methodologies and threats as observed by Europol’s operational analysts. The report also outlines the types of criminal structures that are behind cyber-attacks, and how these increasingly professionalised groups are exploiting…
HC3: Sector Alert: Akira Ransomware
September 12, 2023 TLP:CLEAR Report: 202309121400 Akira Ransomware Executive Summary Akira is a Ransomware-as-a-Service (RaaS) group that started operations in March 2023. Since its discovery, the group has claimed over 60 victims, which have typically ranged in the small- to medium-size business scale. Akira has garnered attention for a couple of reasons, such as their…
Chambersburg Area School District answers some questions about ransomware attack, won’t say if they paid hackers
A statement and FAQ by the Chambersburg Area School District, as shared by TriState Alert, appears below.The district offers its reasons (translation: excuses) for not answering the questions parents and the public really want to know: did the district pay ransom, and was personal information acquired by the attackers? Although the district did not name…