Catalin Cimpanu reports: The hackers who breached Electronic Arts last month have released the entire cache of stolen data after failing to extort the company and later sell the stolen files to a third-party buyer. The data, dumped on an underground cybercrime forum on Monday, July 26, is now being widely distributed on torrent sites….
Cayuga Medical Center and Wisconsin Institute of Urology notifying patients of breaches
In addition to a breach reported by Renaissance, two other breaches involving protected health information were disclosed yesterday. Here’s what you might want to know about those: Cayuga Medical Center We are still first learning about some victims of the Accellion data breach that took place back in December and January when threat actors exploited…
Westfield IT director stops what appeared to be active cyber security breach after clerk-treasurer issues third-party contract
Did a city’s IT Director stop a breach in progress or did he just interrupt a forensic investigation by a firm that had been hired but never identified to his office? Anna Skinner reports on what seems to be a case of Westfield officials either not communicating well with each other, or not trusting each…
Health insurer notifies members after third-party vendor suffers ransomware attack
It appears that a third-party vendor has quietly paid ransom to unidentified threat actors. In a press release yesterday, Renaissance Life & Health Insurance Company of America says they were notified on June 1 by their vendor, Secure Administrative Solutions LLC (“SAS”), of a ransomware incident that involved unauthorized access to its systems occurred between…
EE: RIA unlikely to be fined over mass photo hack, victims not compensated
ERR News reports that a recently reported data security incident is unlikely to result in any monetary penalty or compensation claims: A recent hack by a single individual of close to 300,000 personal identification photos from the State Information System (RIA) is unlikely either to result in compensation to those whose data was stolen, or…
New destructive Meteor wiper malware used in Iranian railway attack
Lawrence Abrams reports: A new file wiping malware called Meteor was discovered used in the recent attacks against Iran’s railway system. Earlier this month, Iran’s transport ministry and national train system suffered a cyberattack, causing the agency’s websites to shut down and disrupting train service. The threat actors also displayed messages on the railway’s message boards…