Mathew J. Schwartz reports: How might banning ransomware victims from paying a ransom to their attacker work in practice? As ransomware groups are causing massive damage and disruption and showing no signs of stopping, Ciaran Martin, the former head of Britain’s National Cyber Security Center, said “it’s time to figure out how to make a ransomware payments…
Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard
From a new blog post by Microsoft: In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access. This has included access to some of the company’s source code repositories and internal systems. To date we have found…
UniCredit hit with £2.3 million fine for data breach
FinExtra reports: UniCredit, Italy’s second-largest bank, has been fined €2.8 million (£2.3 million) by the country’s data protection authority over 2018 data breach case. The 2018 cyber attack on the bank’s mobile banking platform impacted the data over 750,000 customers. The sanction, announced on Thursday, is a reminder that “banks must take all necessary technical…
Hamilton’s ransomware attack, week two: What we know and what we don’t
Grant LaFleche reports: On Feb. 25, a sprawling cyberattack hit the City of Hamilton’s digital network, disrupting phone lines, emails, and databases the municipality uses every day. The crisis is almost two weeks old, and the city remains largely locked out of its systems. Phone lines remain down, council meetings have been postponed, registration to recreation programs…
41 State Attorneys General tell Meta to do better in preventing and mitigating account takeovers
A coalition of state attorneys general have sent a letter to Meta asking them to do more to help users whose accounts have been hacked or taken over. The letter to Meta’s Chief Legal Officer begins: Dear Ms. Newstead: We, the undersigned attorneys general (the “State AGs”), write to request immediate action to address the…
South St. Paul Public Schools investigating potential cybersecurity threat
Maraya King reports: South St. Paul Public Schools alerted families this week to an ongoing technology disruption that is being investigated. Staff and families were notified Monday of technical difficulties “that may disrupt certain services” like online platforms, emails and other digital services. On Tuesday the district said it had been made aware of “unauthorized activity within…