From today’s update to the LockBit3.0 blog, now under the control of law enforcement, we read claims that law enforcement knows who and where LockBitSupp is, and that he drives a Mercedes and not a Lamborghini. Now that last bit may be enough to get a response from LockBitSupp if they’re just trolling him. But…
If you pay ransom, you may not get your data back and worse, you probably WILL get hit again – Cybereason Survey
Ever since ransomware attacks and “double extortion” attacks became common, law enforcement has urged victims not to pay ransom demands. Paying criminals ransom only encourages them to attack more victims, and despite criminals swearing they will delete their copy of your data that they stole, they don’t. Then, too, once you show them that you…
An Update on the SEC’s Cybersecurity Reporting Rules
Hunton Andrews Kurth write: As we pass the two-month anniversary of the effectiveness of the U.S. Securities and Exchange Commission’s (“SEC’s”) Form 8-K cybersecurity reporting rules under new Item 1.05, this blog post provides a high-level summary of the filings made to date. Six companies have now made Item 1.05 Form 8-K filings. Three of these companies also…
Maryville Addiction Treatment Centers Victim Of Data Breach
Jon Craig reports: Maryville, a nonprofit addition agency, is offering credit monitoring services for those who may have had their Social Security numbers and other private details exposed as a result of the incident, according to spokesman Bill Crowe. The centers affected are in Williamstown, Turnersville, Pemberton, Vineland and Franklinville. Read more at Camden Daily…
Change Healthcare responding to cyberattack; few details known at this point
Early yesterday, Change Healthcare reported that they were experiencing enterprise-wide connectivity issues. They didn’t call it a cyberattack at that point, but by mid-day, their status reports were indicating that they were experiencing “a network interruption related to a cyber security issue.” A few hours later, they added a statement, “Once we became aware of…
Unpicking LockBit — 22 Cases of Affiliate Tradecraft
As part of its roll-out of news about the LockBit disruption, the governments involved have provided additional information and resources. One of the resources is an article by Secureworks. The summary of their article: Summary The GOLD MYSTIC threat group has operated the LockBit name-and-shame ransomware-as-a-service (RaaS) scheme since mid-2019, exploiting unauthorized access to thousands…