On June 12, BreachForums reappeared on clearnet and Tor. The owner — or someone with access to the forum owner’s account — interacted a bit in the ShoutBox and posted an announcement: Hello BreachForums users! Some wild stuff has gone down recently. First off, Spamhaus has blacklisted our SMTP host. Then, we ran into more…
You permanently closed your business and then got hit with a ransomware attack. It just doesn’t seem fair, does it?
From a breach notification by civil law firm Santoro Whitmire in Las Vegas: Recently, after the firm permanently closed its business, we were the target of a ransomware attack. Ransomware is a computer virus that encrypts computer systems until and unless we pay money (i.e., the ransom) demanded by the attackers. We immediately notified law…
Ascension Cybersecurity Event Update
Posted June 12 on Ascension’s website: “We have made progress in our investigation and recovery with the help of third-party cybersecurity experts. At this point, we now have evidence that indicates that the attackers were able to take files from a small number of file servers used by our associates primarily for daily and routine…
More arrests stemming from Desjardins data breach
The Sûreté du Québec announced more arrests today stemming from the data breach disclosed in 2019 affecting Mouvement Desjardins. Some of this site’s previous coverage on that breach is linked from here. Members of the Economic Crimes Investigation Department of the Sûreté du Québec made arrests this morning as part of the Portier investigation, concerning…
Snowflake to Close Hacking Probe Into Attack Targeting Clients
Charles Gorrivan and Brody Ford report: Snowflake Inc. plans to close its own investigation this week into a hacking campaign that ensnared as many as 165 of its customers. The cloud data and analytics company hasn’t detected any unauthorized access into customer accounts since early last week, Chief Information Security Officer Brad Jones, said in an interview with Bloomberg News….
Special Health Resources’ “technical difficulties” are due to a ransomware attack
Although some threat groups or affiliates have sworn off attacking the medical sector with ransomware, not all have. On Sunday evening, June 2, Special Health Resources (“SHR”) posted a notice on their Facebook account: We are currently experiencing technical difficulties and on Monday, our health centers will only see patients who are actively sick. All…