Brian Krebs reports: The Minnesota-based Internet provider U.S. Internet Corp. has a business unit called Securence, which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. But until it was notified last week, U.S. Internet was publishing more than a decade’s worth of its internal email — and that of thousands of…
Insurance provider for public servants abroad detects ‘cybersecurity incident’
Safiyah Marhnouj reports: The insurance provider for members of the Public Service Health Care Plan who are posted abroad or travelling says it recently detected a “cybersecurity incident” involving its systems, but hasn’t determined what information may have been accessed. MSH International Canada said it detected the incident on Feb. 9., and immediately paused services. Law enforcement was…
New Jersey law enforcement officers sue 118 data brokers for not removing personal info
Suzanne Smalley reports: Over the course of the last week, 118 class action lawsuits were filed against data brokers who allegedly failed to respond to requests from about 20,000 New Jersey law enforcement personnel asking to remove their personal information from the internet. New Jersey law prohibits the disclosure of home addresses and unpublished telephone…
US military notifies 20,000 of data breach after cloud email leak
Zack Whittaker The U.S. Department of Defense is notifying tens of thousands of individuals that their personal information was exposed in an email data spill last year. According to the breach notification letter sent out to affected individuals on February 1, the Defense Intelligence Agency — the DOD’s military intelligence agency — said, “numerous email…
HC3: Analyst Note: Akira Ransomware
February 7, 2024 TLP:CLEAR Report: 202402071200 Executive Summary Akira ransomware is a relatively new ransomware gang that has demonstrated aggressive and capable targeting of the U.S. health sector in its short lifespan. U.S. healthcare organizations are advised to follow the steps in this alert to minimize their risk of attack. Overview Akira ransomware was first…
Rhysida ransomware decryptor publicly released
Laura French reports: A Rhysida ransomware decryption tool has been publicly released and detailed in a preprint paper by South Korean researchers Friday. The Rhysida decryptor takes advantage of a vulnerability in the ransomware’s encryption process, enabling the process to be reverse engineered to recover files. The researchers from Kookmin University and the Korea Internet…