As previously noted by this site and others, REvil threat actors appear to have re-emerged after disappearing in July.. Their dedicated leak site and blog are at the same Tor address as previously, but is it “Unknown” who is back, or not? A new account calling itself “REvil” registered on a popular Russian-language forum this…
HBP Financial Services Group notice of breach impacting Pathology Consultants of New London, PC
The following was found in the legal notices section of the Westerly Sun. Details for NOTICE OF DATA BREACH HBP NOTICE OF DATA BREACH HBP Financial Services Group, LTD (HBP), which serves as the practice administrator for Pathology Consultants of New London, PC (PCNL), was the victim of an IT incident that resulted in the unauthorized access…
Sg: MyRepublic data breach: 80,000 mobile users’ personal data exposed
Yahoo! reports: The personal data of about 80,000 MyRepublic mobile subscribers was accessed without authorisation last month. The telco said in a media release on Friday (10 September) that the breach took place on 29 August on a third-party data storage platform used to store the personal data of its mobile customers. Investigations showed that…
Groove VS Babuk; Groove Ransom Manifesto & RAMP Underground Platform Secret
I’m not sure if you need to be a threat analyst, a drama critic, or a bit of both these days. But Yelisey Boguslavskiy & Anastasia Sentsova of AdvIntel dive in to some of the recent goings on: On September 7, 2021, a representative of the newly-formed Groove ransomware syndicate decided to share their insights…
McDonald’s email blunder broadcasts database creds to comedy competition winners
Gareth Corfield reports: McDonald’s customers who won a prize draw competition got more than they hoped for after the burger chain emailed them login credentials for development and production databases used to power the campaign. The first person to report the blunder to McDonald’s, startup founder Connor Greig, told The Register: “It’s a bit weird,” adding…
SC: Dorchester County Government Notice of February Security Incident
DORCHESTER COUNTY, S.C., Sept. 9, 2021 /PRNewswire/ — Dorchester County Government (“Dorchester“) announced today a phishing incident involving email accounts within its email environment. The phishing incident resulted in unauthorized access to certain information collected and maintained by the County for a variety of reasons, including names, addresses, email addresses, dates of birth, Social Security numbers, driver’s…