Stacy L. Cook and Iqra Mushtaq of Barnes & Thornburg LLP write: On March 14, 2023, the U.S. Department of Justice (DOJ) announced the settlement of a case involving alleged violations of the False Claims Act (FCA) as a result of cybersecurity failures and breach of HIPAA-protected health information. Obtained under the Civil Cyber-Fraud Initiative, this settlement emphasizes…
Ukrainian Hackers Spend $25,000 of Russian Funds on Sex Toys
“The Filthy American” writes: The Ukrainian hacking collective, Cyber Resistance announced yesterday that it successfully hacked into the AliExpress account of pro-Russian mil blogger Mikhail Luchin. The blogger, who runs the “Misha From Donbas” Telegram channel, apparently had a significant amount of funds he had raised to purchase drones for Russian troops. Now, what exactly…
TAFE data breach uncovered by SA Police
Richard Chirgwin reports: TAFE South Australia has revealed a data breach that was discovered when SA Police seized “devices containing electronic scanned copies of TAFE SA student identification forms”. TAFE SA said the identification forms included credentials such as driver’s licences and passports for enrolments prior to 2021 across all campuses. Read more at itNews.
UnitedLex hit by d0nut ransomware team, 200 GB of corporate files leaked (update4)
The d0nut ransomware team seems to be ramping up their activity and leaks. Last week, they contacted DataBreaches about Montgomery General Hospital in West Virginia. Today, they reached out to this site about UnitedLex, a firm that describes itself as helping legal teams modernize “with a consultative framework that brings together legal subject matter expertise,…
“Operation Cookie Monster” takes down Genesis Market
Brian Krebs reports: Several domain names tied to Genesis Market, a bustling cybercrime store that sold access to passwords and other data stolen from millions of computers infected with malicious software, were seized by the Federal Bureau of Investigation (FBI) today. Sources tell KrebsOnsecurity the domain seizures coincided with “dozens” of arrests in the United…
New Money Message ransomware demands million dollar ransoms
Bill Toulas reports: A new ransomware gang named ‘Money Message’ has appeared, targeting victims worldwide and demanding million-dollar ransoms not to leak data and release a decryptor. The new ransomware was first reported by a victim on the BleepingComputer forums on March 28, 2023, with Zscaler’s ThreatLabz soon after sharing information on Twitter. Read more at BleepingComputer. As…