Kim Zetter has a fascinating piece on the run-up to the SolarWinds attack. Here’s a snippet: In fact, the Justice Department and Volexity had stumbled onto one of the most sophisticated cyberespionage campaigns of the decade. The perpetrators had indeed hacked SolarWinds’ software. Using techniques that investigators had never seen before, the hackers gained access…
Suffolk, without a cyberattack recovery plan, hires chief to create one
Vera Chinese reports: Suffolk County’s new chief security information officer, announced Monday by County Executive Steve Bellone, will be charged with creating a recovery plan for potential cyberattacks in the future, administration officials said. The lack of a stand-alone recovery plan before a breach was discovered Sept. 8 likely contributed to the amount of time it has taken…
IT giant Bitmarck shuts down customer, internal systems after cyberattack
Jessica Lyons Hardcastle reports: German IT services provider Bitmarck has shut down all of its customer and internal systems, including entire datacenters in some cases, following a cyberattack. The company, one of the largest service providers for German health insurers, said no customer, patient, or insured individuals’ data had been accessed in the security breach…
T-Mobile discloses second data breach since the start of 2023
Sergiu Gatlan reports: T-Mobile disclosed the second data breach of 2023 after discovering that attackers had access to the personal information of hundreds of customers for more than a month, starting late February 2023. Compared to previous data breaches reported by T-Mobile, the latest of which impacted 37 million people, this incident affected only 836 customers….
Ransomware Gang Claims Edison Learning Data Theft
Krystal Kuykendall reports: The Royal Ransomware is claiming to have infiltrated public school management and virtual learning provider Edison Learning, posting on its dark web data leak site on Wednesday, April 26, that it had stolen 20GB of the company’s data “including personal information of employees and students” and threatening to post the data “early next…
Bits ‘n Pieces (Trozos y Piezas)
CL: Saville Row attacked by BlackCat Saville Row, a Chilean clothing store, was added to BlackCat’s leak site on April 21. Sample files provided by the threat actors included internal Saville Row documents such as invoices and purchase orders. DataBreaches found no notice of any incident on the store’s website or social networks. They did…