Aditya Raghuwanshi reports: NASCAR’s cybersecurity defenses were put to the test earlier this year, and now the sport has confirmed what had long been rumored: a ransomware group successfully breached its internal systems in March 2025. The attack, carried out by the Medusa group, reportedly resulted in over 1 terabyte of sensitive data being stolen—including…
Category: U.S.
Infinite Services notifying employees and patients of limited ransomware attack
On May 5, 2025, Infinite Services in New York became aware of suspicious activity when employees were unable to log into the network. “Several servers were off, but one remained on which had an extension from the threat actor group,” external counsel SpencerFane informed the New Hampshire Attorney General. “The electricity was unplugged from the…
Clorox Files $380M Suit Alleging Cognizant Gave Hackers Passwords in Catastrophic 2023 Cyberattack
Rochdi Rais reports: The Clorox Company and its subsidiary, Clorox Services Co., today filed a $380 million lawsuit in California state court against Cognizant Worldwide Ltd. and its New Jersey affiliate, Cognizant Technology Solutions US Corp. The complaint alleges that Cognizant enabled a “catastrophic” cyberattack on Clorox’s corporate network in August 2023 by handing over sensitive…
Two more entities have folded after ransomware attacks
It is still fairly rare for a ransomware victim to totally shutter its doors permanently as a result of an incident, but a relatively small breach in Georgia was reportedly fatal for Ascension Health Services LLC DBA Alpha Wellness and Alpha Medical Centre. A notice on its website dated April 4, 2025 reads: We are…
Michigan ‘ATM jackpotting’: Florida men allegedly forced machines to dispense $107K
Cole Waterman reports: Two Florida men allegedly spent a September day burglarizing ATMs in four Michigan counties, making off with more than $100,000. The next month, police found them in a Minnesota hotel amid stacks of cash. The duo is now facing federal charges for allegedly engaging in a lucrative, tech-savvy scam known as “ATM…
Missouri Adopts New Data Breach Notice Law
J. Randall Coffey, Daniel Pepper, and Jillian Seifrit of Fisher Phillips write: On July 2, Missouri’s Governor approved House Bill 974, “The Insurance Data Security Act,” which will establish standards for insurers and licensed entities regarding data security, breach investigations, and notification protocols when it takes effect on January 1, 2026. What are the 10…