Josh Taylor reports a win for transparency: Optus has lost a bid in the federal court to keep secret a report on the cause of the 2022 cyber-attack – which resulted in the personal information of about 10 million customers being exposed – after a judge rejected the telco’s legal privilege claim. After the hack, the company announced…
Category: Of Note
UK: Nearly £2 million of stolen cryptocurrency to be paid back to victims
An interesting press release from the South East Regional Organised Crime Unit (SEROCU): Around £1.9 million worth of stolen cryptocurrency is to be paid back to victims of theft as a result of work by the South East Regional Organised Crime Unit (SEROCU). On 27 January this year, 40-year-old Wybo Wiersma, of Het Weike, Goredijk,…
Bitter Pill: Third-Party Pharmaceutical Vendor Linked to Pharmacy and Health Clinic Cyberattack
Team Huntress writes: In a concerning development within the healthcare sector, Huntress has identified a series of unauthorized access that signifies internal reconnaissance and preparation for additional threat actor activity against multiple healthcare organizations. The attackers abused a locally hosted instance of a widely-used remote access tool, ScreenConnect—utilized by the company Transaction Data Systems (which…
MOVEit hackers leverage new zero-day bug to breach organizations (CVE-2023-47246)
Helga Labus reports: A critical zero-day vulnerability (CVE-2023-47246) in the SysAid IT support and management software solution is being exploited by Lace Tempest, a ransomware affiliate known for deploying Cl0p ransomware. […] The (limited) attacks were first spotted by the Microsoft Threat Intelligence team, and they notified Israeli software maker SysAid about them on November…
Southwestern Ontario hospitals will rebuild network from scratch amid fallout from cyberattack; more data leaked
CBC reports: All five southwestern Ontario hospitals impacted by a cyberattack just over two weeks ago will rebuild their networks from scratch, the hospitals say in an update Wednesday. But the hospitals also say the investigation into precisely whose data was taken in the attack is expected to take months. “Through our investigation we know…
Attorney General James Secures $450,000 from US Radiology Specialists for failing to protect patient data
The following press release from the NYS Attorney General’s Office relates to an incident previously noted on DataBreaches.net. The Assurance of Discontinuance provides details on the breach not previously known to this site and serves as a reminder of the need to timely update and patch. NEW YORK – New York Attorney General Letitia James…