Earlier this week, DataBreaches reported that Imagine360 had the unfortunate experience of discovering that two of their file-sharing platforms had both suffered breaches within days of each other: Citrix and Fortra/GoAnywhere. Today we bring you another double-whammy scenario. But in this one, it’s not two different platforms being breached within days of each other. This…
Category: Subcontractor
If Kirkland & Ellis Can’t Avoid Cyberattacks, Who Can?
Justin Henry reports: By exploiting a vulnerability in a widely used file transfer application, hackers were able to access the internal information of several large organizations, including three Am Law 50 law firms, highlighting the vulnerability of widespread use of one third-party application. The incident has observers wondering: If some of the largest and most profitable…
Imagine360 discovers that two of its file-sharing platforms were hit within days of each other.
With all the big attacks on third-party vendors, it’s not surprising that some entities are reporting two or more breaches in a short period of time. Imagine360, LLC, is a self-funded health plan for employers. On or around January 30, Imagine360 identified unusual activity within Citrix, its third-party file-sharing platform. Imagine360 terminated access to the…
Cyberattack knocks out satellite communications for Russian military
Joseph Menn reports: A satellite communications system serving the Russian military was knocked offline by a cyberattack late Wednesday and remained mostly down on Thursday, in an incident reminiscent of an attack on a similar system used by Ukraine at the start of the war between the countries. Dozor-Teleport, the satellite system’s operator, switched some…
TSMC confirms data breach after LockBit cyberattack on third-party supplier
Carly Page reports: Taiwan Semiconductor Manufacturing Company (TSMC), the world’s largest contract chipmaker, has confirmed it’s experienced a data breach after being listed as a victim by the LockBit ransomware gang. The Russia-linked LockBit ransomware gang listed TSMC on its dark web leak site on Thursday. The gang is threatening to publish data stolen from the company,…
Breach of the Protection Obligation by Fullerton Healthcare and Agape CP Holdings
From the Privacy and Data Protection Commission of Singapore, there’s an update to a breach that was previously disclosed in October 2021: A financial penalty of $58,000 and $10,000 was imposed on Fullerton Healthcare and Agape CP Holdings respectively for failing to put in place reasonable security arrangements to protect personal data belonging to Fullerton…