Earlier today, AlphV added MeridianLink to their leak site. MeridianLink (MLNK) is the provider of a loan origination system and digital lending platform for financial institutions. AlphV’s listing has been temporarily removed to be updated, but DataBreaches has learned some additional details from someone involved in the attack. The attack was last Tuesday, November 7….
Category: Of Note
FBI knows identities of some U.S. members of “Scattered Spider,” but no arrests so far?
Zeba Siddiqui, Christopher Bing, and Raphael Satter report: The U.S. Federal Bureau of Investigation (FBI) has struggled to stop a hyper-aggressive cybercrime gang that’s been tormenting corporate America over the last two years, according to nine cybersecurity responders, digital crime experts and victims. For more than six months, the FBI has known the identities of…
The Mirai Confessions: Three Young Hackers Who Built a Web-Killing Monster Finally Tell Their Story
A snippet from another great read by WIRED: After a typical sleepless night at his keyboard, 19-year-old Josiah White sat staring at the three flatscreen monitors he’d set up on a workbench in a messy basement storage area connected to the bedroom he shared with his brother in their parents’ house. He was surrounded by…
Denmark Hit With Largest Cyberattack on Record
Chris Riotta reports: Hackers potentially linked to the Russian GRU Main Intelligence Directorate carried out a series of highly coordinated cyberattacks targeting Danish critical infrastructure in the nation’s largest cyber incident on record, according to a new report. SektorCERT, a nonprofit cybersecurity center for critical sectors in Denmark, reported that attackers gained access to the…
New York Plans Cyber Rules for Hospitals
James Rundle reports: New York regulators Monday plan to issue cybersecurity regulations for hospitals, after a series of attacks crippled operations at medical facilities. Under draft rules reviewed by The Wall Street Journal, New York will require general hospitals to develop and test incident response plans, assess their cybersecurity risks and install security technologies such…
If entities continue to obfuscate and lie, it’s time to mandate more transparency in breach disclosures
— An OpEd by DataBreaches– When it comes to data breach disclosures, the very same entities who claim to take our privacy and security very, very seriously are generally not being transparent in their breach disclosures. Their refusal to be transparent often results in consumers and patients being left in the dark about the risks…