Sean Lyngaas reports: Hackers stole data belonging to multiple electric utilities in an October ransomware attack on a US government contractor that handles critical infrastructure projects across the country, according to a memo describing the hack obtained by CNN. […] The ransomware attack hit Chicago-based Sargent & Lundy, an engineering firm that has designed more…
Ransomware attacks hit Iowa schools, including Davenport, although public often left in dark
Maggie Bashore has an article on ransomware attacks hitting Iowa school districts over the past three years that covers a lot of issues, including the costs of cyberinsurance over time and the difficulties smaller districts may have in meeting requirements to even get a policy. She reports, in part: Fringer advises 45 school districts in…
Cyber insurers “missing” key nuances in their underwriting strategies
Bethan Moorcraft reports: Cyber insurers are hyper-focused today on best-practice risk mitigation and cybersecurity protocols. Many carriers have introduced minimum security requirements – such as enabling multi-factor authentication (MFA) for email and remote access, and possibly even using end-point detection and response (EDR) technology – before they’ll even consider writing a policy. This type of…
Vendor Claims to Have Scraped 400M Twitter User Records (with UPDATE 1)
Perhaps the top story this past week involves a sales offering on a popular hacking-related forum. The seller, who first joined the forum in December, has listed information on 400 million Twitter users for sale. No price is specified in the listing. The data, that were allegedly scraped due to a vulnerability, include email, name,…
Cyber attacks set to become ‘uninsurable’, says Zurich chief
Ian Smith reports: The chief executive of one of Europe’s biggest insurance companies has warned that cyber attacks, rather than natural catastrophes, will become “uninsurable” as the disruption from hacks continues to grow. Insurance executives have been increasingly vocal in recent years about systemic risks, such as pandemics and climate change, that test the sector’s…
Vanuatu ransomware attack claimed by RansomHouse
As previously reported, the South Pacific archipelago Vanuatu announced in early November that they had been hit with a ransomware attack that pretty much stranded the islands. Almost one month later, the islands had not recovered. On December 24, RansomHouse threat actors added the government of Vanuatu to their leak site, claiming to have locked…