Chris Duckett reports: The NSW Auditor-General Margaret Crawford has released her office’s report into how Service NSW handles personal and business information, following the agency being breached earlier this year. In May, the agency fessed up to the phishing attack, which led to 47 staff email accounts being compromised. The breach was said to have impacted 186,000 customers and…
Ransomware masquerades as mobile version of Cyberpunk 2077
Lawrence Abrams reports: A threat actor is distributing fake Windows and Android installers for the Cyberpunk 2077 game that is installing a ransomware calling itself CoderWare. To trick users into installing malware, threat actors commonly distribute them as gamer installers, cheats, and cracks for copyrighted software. Read more on BleepingComputer.
UK: People’s Energy data breach affects all 270,000 customers
Zoe Kleinman reports: The company People’s Energy has contacted all its 270,000 current customers, following a data breach. Co-founder Karin Sode told BBC News an entire database had been stolen by hackers and included information on previous customers. Data stolen included names, addresses, dates of birth, phone numbers, tariff and energy meter IDs, she said….
UK: Assurances sought Moray ambulance staff hit by data breach are receiving support
Alistair reports: Moray MP Douglas Ross is seeking an update from the Scottish Ambulance Service (SAS) after again being contacted by the whistleblower who first revealed the data information breach. The SAS launched a probe when the matter was first highlighted by the Press and Journal in October, revealing that highly personal information about employees had been…
Nuclear weapons agency breached amid massive cyber onslaught
Natasha Bertrand and Eric Wolff report: The Energy Department and National Nuclear Security Administration, which maintains the U.S. nuclear weapons stockpile, have evidence that hackers accessed their networks as part of an extensive espionage operation that has affected at least half a dozen federal agencies, officials directly familiar with the matter said. On Thursday, DOE…
Iranian nation-state hackers linked to Pay2Key ransomware
Sergiu Gatlan reports: Iranian-backed hacking group Fox Kitten has been linked to the Pay2Key ransomware operation that has recently started targeting organizations from Israel and Brazil. “We estimate with medium to high confidence that Pay2Key is a new operation conducted by Fox Kitten, an Iranian APT group that began a new wave of attacks in…