Euractiv and Reuters report: Germany’s Christian Democratic Union (CDU), the country’s leading opposition party, has been hit by a major cyberattack and has taken parts of its IT-infrastructure off the grid as a precautionary measure, authorities said on Saturday (1 June). “There was a serious cyber attack on the CDU network,” Germany’s Interior Ministry said…
Snowflake Warns: Targeted Credential Theft Campaign Hits Cloud Customers
The Hacker News reports: Cloud computing and analytics company Snowflake said a “limited number” of its customers have been singled out as part of a targeted campaign. “We have not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake’s platform,” the company said in a joint statement along with CrowdStrike and…
Davis County high school students are hacking the hackers behind phishing schemes
Don Brinkerhoff reports: A group of high school juniors in Davis County are hacking the hackers to protect phishing victims. “All my friends and peers around me got hacked,” said Charles Mortensen a Davis County student. Mortensen said in one case, a friend who’s in foster care had her Instagram account hacked. That was the…
Snowflake data breach claims spark war of words over culpability; researchers may have been trolled
Solomon Klappholz reports: Snowflake has pinned the blame on a series of high-profile data breaches in recent days on customers failing to adequately secure production environments by using two-factor authentication. In a statement on 2 June 2024, Snowflake CISO Brad Jones pushed back on claims that major data breaches involving Ticketmaster and Santander were caused by a vulnerability or misconfiguration in Snowflake’s platform. […] Cyber crime intelligence…
HHS OCR: Covered entities affected by the Change Healthcare breach may delegate tasks of providing HIPAA breach notifications to Change Healthcare
May 31 – Today, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) published an update to the frequently asked questions (FAQs) webpage concerning the Change Healthcare cybersecurity incident. The webpage, first published on April 19, 2024, provides answers to FAQs concerning the Health Insurance Portability and Accountability Act of 1996 (HIPAA)…
Santander customers’ private data put up for sale for $2m by hackers
The Guardian reports: Hackers are attempting to sell confidential information including the bank and credit card numbers of millions of Santander customers to the highest bidder. ShinyHunters posted an advert on a hacker forum for the data, which it says also includes staff HR details, with an asking price of $2m (£1.6m). It is the…