CSO reports: Zero-day exploits, supply chain attacks fuel 72% increase over previous record for incidents of compromise. Another increase is expected for 2024. A new record for data breaches reported to the Identity Theft Resource Center (ITRC) was set in 2023, spurred by zero-day and supply chain attacks, according to the organization’s annual data breach report released Thursday. The report…
23andMe’s data hack went unnoticed for months
23andMe may try to blame the victims for their massive data breach, but how are they going to blame anyone for it taking them five months to detect the breach? Mariella Moon reports: In late 2023, genetic testing company 23andMe admitted that its customer data was leaked online. A company representative told us back then that the bad…
Interview with the Knight Group, the heir of Cyclops
Marco A. De Felice, aka amvinfe, writes: It happens very often nowadays to witness the sudden disappearance of ransomware groups that have been active for only a few months. In the last three years, we have counted at least twenty of them that have “vanished from the radar” of journalists and researchers. Some of these…
Russian TrickBot malware dev sentenced to 64 months in prison
Following up on the case of Vladimir Dunaev, a Russian national who was extradited to the U.S. from Korea in 2021 and pleaded guilty in December 2023 for his role in creating and distributing Trickbot malware, Sergiu Gatlan reports: Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for…
UK: South Tees Hospitals NHS Foundation Trust reprimanded for “serious, harmful” data breach
The Information Commissioner’s Office (ICO) has today announced it has reprimanded South Tees Hospitals NHS Foundation Trust for a data breach which resulted in a disclosure containing sensitive information to a unauthorised family member. In November 2022, a Trust employee sent a standard letter to inform the father of a patient of an upcoming appointment,…
Washington State Appeals Court to hear data breach lawsuit against Chelan Douglas Health District
KPQ reports: The Washington Appeals Court will hear a case from two people suing Chelan Douglas Health District over a security breach. The Health District reported a breach in July of 2021 but did not inform possible victims or the public until March 2022. The district said Social Security numbers, dates of birth or death,…