Shaun Nichols reports: The massive amounts of exposed data on misconfigured AWS S3 storage buckets is a catastrophic network breach just waiting to happen, say experts. The team at Truffle Security says its automated search tools were able to stumble across some 4,000 open Amazon S3 buckets that included data companies would not want public, things like…
Netwalker ransomware earned $25 million in just five months
Lawrence Abrams reports: The Netwalker ransomware operation has generated a total of $25 million in ransom payments since March 1st according to a new report by McAfee. Netwalker is a Ransomware-as-a-Service (RaaS) operation that began operating in late 2019, where affiliates are enlisted to distribute the ransomware and infect victims in return for a 60-70% cut of ransom payments….
Cyber insurance: The moral quandary of paying criminals who stole your data
Asha Barbaschow reports: Earlier this year, a club with around 70,000 members found itself in a pickle: Pay a ransom or risk the personal information of those members being exposed. In this scenario, the club paid the ransomware. It was decided that the financial hit of paying outstripped the reputational harm to that business. They…
LifeLabs agrees to comply with privacy commissioners’ orders, but challenges release of investigation report
From the Office of the Information & Privacy Commissioner of British Columbia, this press release below. This is the second time in the past few months where we have seen an entity really fight an order to release a forensics report on a breach. In the U.S., we saw a court order Capital One in…
Coronavirus: Iran cover-up of deaths revealed by data leak
BBC reports: The number of deaths from coronavirus in Iran is nearly triple what Iran’s government claims, a BBC Persian service investigation has found. The government’s own records appear to show almost 42,000 people died with Covid-19 symptoms up to 20 July, versus 14,405 reported by its health ministry. The number of people known to…
AU: Aged care operator’s resident data stolen and dumped in ransomware attack
Speaking of ransomware attacks in Australia, Emma Koehn reports: ASX-listed aged care operator Regis has been hit by an international cyber attack that has led to the release of sensitive personal data, adding to the woes of the company which is battling a coronavirus outbreak at one of its Melbourne centres. The $400 million operator…