Sergiu Gatlan reports: A digitally signed and trojanized version of the 3CX Voice Over Internet Protocol (VOIP) desktop client is reportedly being used to target the company’s customers in an ongoing supply chain attack. 3CX is a VoIP IPBX software development company whose 3CX Phone System is used by more than 600,000 companies worldwide and…
Category: Subcontractor
Dutch railway NS warns 780,000 customers about data breach
NL Times reports: The Dutch national railway, NS, has warned about 780,000 customers that their personal data may be involved in a data breach.The train operator works closely with market research firm Blauw. External parties gained access to personal data at via a software supplier for that company. For example, e-mail addresses, telephone numbers or…
NYS Secures $200,000 from Law Firm for Failing to Protect New Yorkers’ Personal Data
NYS Attorney General Letitia James announced a settlement: New York Attorney General Letitia James secured $200,000 from the law firm, Heidell, Pittoni, Murphy & Bach LLP (HPMB) for failing to protect New Yorkers’ personal and healthcare data. HPMB’s poor data security measures made it vulnerable to a 2021 data breach that compromised the private information of approximately…
AU: Crown Resorts acknowledges getting ransom demand over GoAnywhere breach
Reuters reports: Australia’s biggest casino operator Crown Resorts said on Monday it was investigating a data breach at its third-party file transfer service, GoAnywhere, in which hackers obtained a limited number of Crown’s files. “We were recently contacted by a ransomware group who claimed they have illegally obtained a limited number of Crown files,” a…
What’s happening with the Latitude Financial cyber attack? Millions of customer details stolen in one of the largest-known data breaches in Australia
Part of ABC’s write-up today: What do we know about who has been hit by the cyber attack? The consumer finance company announced on Monday: 7.9 million Australian and New Zealand drivers licence numbers have been stolen about 53,000 passport numbers were stolen less than 100 customers had a monthly financial statement stolen An additional 6.1 million…
Fortra told breached companies their data was safe
Zack Whittaker and Carly Page report: Software maker Fortra told its corporate customers that their data was safe — even when it wasn’t — following a ransomware attack on its systems, TechCrunch has learned. … TechCrunch has heard from two victim organizations that only learned that data had been exfiltrated from their GoAnywhere systems after…