Evolve data breach impacted upward of 7.64 million consumers
The number of persons affected by a recent data breach at Evolve Bank & Trust exceeds 7.64 million, a document submitted to the Office of the Maine Attorney General this week by the law firm representing the financial services organization reveals. According to the document, the breach occurred on February 9, but was not discovered…
Bogus: LockBit’s Claimed Federal Reserve Ransomware Hit
More reasons to beware breathless reporting about a ransomware group’s latest supposed victim: LockBit’s claim to have breached the U.S. Federal Reserve Bank. The Fed, based in Washington, is America’s central bank. It works with 12 regional Fed banks. If any aspect of that system fell victim to ransomware-wielding groups – or had data exfiltrated,…
Indonesia Refuses to Pay $8M Ransom After Cyberattack
A cybercrime group is demanding $8 million after compromising Indonesia’s national data center — an amount the government is refusing to pay. More than 200 government agencies have been disrupted by the cyberattack since June 20, according to Samuel Abrijani Pangerapan, director general of informatics applications with the Communications and Informatics Ministry. He told the…
Global Law Enforcement Disrupts LockBit Ransomware Gang
Global law-enforcement authorities including the FBI have disrupted the activities of the formidable LockBit ransomware gang, taking control of its platform and seizing data associated with its global ransomware-as-a-service (RaaS) operation. Information obtained by the operation — called Operation Cronos — includes source code, details of ransomware victims, stolen data, decryption keys, and the amount…
Canadian government impacted by data breaches of two of its contractors
The Canadian government declared that two of its contractors, Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving Services, have been hacked, resulting in the exposure of sensitive information belonging to an undisclosed number of government employees. Data belonging to current and former Government of Canada employees, members of the Canadian Armed Forces…
Known Ransomware Attack Volume Breaks Monthly Record, Again
The volume of known ransomware attacks surged last month to record-breaking levels, security researchers report. Ransomware groups collectively listed 514 victims on their data-leak sites in September, breaking the previous record in July of 502 victims, said U.K. cybersecurity firm NCC Group. The firm reports that “major drivers of this activity” include newer groups such…
Ransomware: It Takes A Village, Says NCSC
Stopping the ransomware epidemic is less about tackling individual crypto-locking malware variants and more about combating the entire ecosystem of bad actors underpinning digital extortion, the British government said Monday. Behind any infection from name-brand ransomware such as LockBit or BlackCat lies a loose network of affiliates, initial access brokers and other actors, warned the…
Breach Roundup: Swedish Insurer Fined $3M for GDPR Breach
Swedish DPA Fines Insurer The Swedish data protection authority fined insurer Trygg-Hansa $3 million for a data breach that exposed the sensitive information of approximately 650,000 customers through the company’s online portal. The data protection authority’s investigation revealed the exposure had gone on for over two years, from October 2018 to February 2021. The breach…
Why Criminals Keep Reusing Leaked Ransomware Builders
When is a LockBit ransomware attack not actually a LockBit attack? Cyber defenders are reporting a profusion of attacks involving stolen or reused strains of ransomware. Blame a variety of factors, including law enforcement crackdowns on big-name brands, evolving ransomware business models and at least one case of a ransomware group leader with poor people…
Clop ransomware dominates ransomware space after MOVEit exploit campaign
The number of ransomware attacks in July rose over 150% compared to last year and the actors behind the Clop ransomware were responsible for over a third of them. The gang took the lead from LockBit as the top ransomware threat after exploiting a zero-day vulnerability in a managed file transfer (MFT) application called MOVEit…
