Tag Archive for: Reported

Separate ransomware attacks reported by Illinois county, college

/in


Illinois’ Henry County and Monmouth College have confirmed being impacted by separate ransomware attacks during the past week, according to The Record, a news site by cybersecurity firm Recorded Future.

Several of Henry County’s systems were taken down following the discovery of a wide-reaching intrusion on March 18, which has prompted county officials to seek assistance from law enforcement and government cybersecurity agencies in investigating the incident amid ongoing efforts to restore affected systems.

Such an incident has already been claimed by the Medusa ransomware operation, which sought a $500,000 ransom that should be paid by Friday. Toyota Financial Services, Moneris, and Water For People were some of the ransomware gang’s most recent targets.

Meanwhile, Monmouth College disclosed in filings with the Maine and California Offices of the Attorneys General that its systems had been infiltrated in a December ransomware attack, which resulted in the compromise of data belonging to 44,737 individuals, including their ID cards and driver’s licenses.

Source…

‘Mother of all data breaches’ reported in latest large-scale hack

/in


‘Mother of all data breaches’ hits numerous websites

Huirong Fu is a founding director of OU’s Center for Cybersecurity. She says this is difficult for consumers who sometimes have no choice but to register their information with companies they want to do business with.

FOX 2 (WJBK)It’s a shocking number – 26  billion account records were stolen in what’s being called the ‘mother of all data breaches.’

The leak includes popular sites like Dropbox,  Linkedin, Telegram, and Twitter. It was detailed in a report from Cybernews.com and is unsettling for anyone who ever goes online. 

“It’s horrible. It’s really horrible,” said Professor Huirong Fu, of Oakland University.

Fu is a founding director of OU’s Center for Cybersecurity.  She says this is difficult for consumers who sometimes have no choice but to register their information with companies they want to do business with.

This includes taking birthdays, addresses, and sometimes even Social Security numbers, putting many people between a rock and a hard place.

“We have no choice, if they don’t want to provide this information, they can not use their platform,” she said. “This is horrible.”

Cybernews.com calls it the “Mother of all Breaches” – 12 terabytes of information. Some companies you’ve likely used,

So can you do anything?

The Federal Trade Commission has some general tips: Secure your devices by keeping security software, internet browser, and operating systems up to date. protect your accounts — particularly those with personal information, like your bank, email, and social media accounts.

Strong passwords and multi-factor authentication can really help. Also be very circumspect when giving out any personal information to any organization even if you trust them, because the possibility of a hack is always a real threat.

For more on the data breach click here.

Source…

Data breach reported by Suffolk County computer security vendor

/in


A computer security application that Suffolk County installed last year to protect its systems in the wake of a 2022 cyberattack has itself been the subject of a data breach, leading Suffolk this week to alert its computer administrators to potential new attacks.

In an email obtained by Newsday, Suffolk’s computer team notified administrators across its network that a breach last month of computer security company Okta could result in attempts by hackers to gain access to systems protected by the measures.

Okta makes a security product known as a multi-factor authentication which verifies the identity of users requiring a unique security code sent to a cellphone or email system outside the primary work address.

A copy of an email sent to IT administrators in Suffolk on Wednesday noted that Okta “just revealed” that a “threat actor ran and downloaded a report that contained the names and email addresses of all Okta customer support system users.”

WHAT TO KNOW

  • A computer security application that Suffolk County installed last year to protect its systems in the wake of the 2022 cyberattack has itself been the subject of a data breach
  • Suffolk has alerted its computer administrators that the breach of computer security company Okta could result in potential new attacks.
  • Okta makes a product known as a multi-factor authentication which verifies the identity of users requiring a unique security code sent to a cellphone or email system outside the primary work address.

It notes that every administrator that has “ever been created for our Okta tenant is present in this report.”

For Suffolk and other customers, the breach means there is a “possibility that the threat actor may use this information to target Okta customers via phishing or social engineering attacks.” Such attacks lure computer users into exposing sign-in or password information by appearing to come from legitimate sources.

Suffolk alerted its administrators to “ensure that all” have multi-factor authentication enrolled and activated to “protect not only the customer support system, but also to secure access to their Okta admin console.”

“I just wanted to let you know so you can be vigilant…

Source…

Hacker chutzpah: Ransomware group says it reported victim to SEC

/in


Cybercriminal group Alphv said it reported a victim of one of its ransomware attacks to the Securities and Exchange Commission for supposedly violating the regulator’s new rule mandating publicly traded companies report substantial cybersecurity incidents.

The company, financial software firm MeridianLink, confirmed it suffered an attack but had not yet determined the extent of personal information compromised.

“MeridianLink recently identified a cybersecurity incident,” a spokeswoman for the company said Friday. “Safeguarding our customers’ and partners’ information is something we take seriously. Upon discovery, we acted immediately to contain the threat and engaged a team of third-party experts to investigate the incident.”

The spokeswoman added that the company had identified “no evidence of unauthorized access to our production platforms” and that the incident caused minimal business interruption.

“If we determine that any consumer personal information was involved in this incident, we will provide notifications, as required by law,” the spokeswoman said. “We have no further details to offer currently, as our investigation is ongoing.”

MeridianLink counts many credit unions and some community banks as customers. The company reported $288 million in revenue last year.

MeridianLink did not have to report the incident in an 8-K filing, as Alphv claimed, because the SEC’s new rule regarding material data breaches does not take effect until next month. Rather, cybersecurity experts said the report was merely a means of putting additional pressure on MeridianLink, which Alphv is extorting via the threat of releasing the data it stole.

The SEC’s rule gives publicly traded companies four days to report a security incident from the time that the company determines it to be “material.” Alphv said it compromised MeridianLink on Nov. 7. Alphv posted on Wednesday on its victim-shaming website about the SEC complaint it said it filed.

The SEC did not immediately respond to a request for comment. Other reports indicated the commission was not commenting on the matter.

The “misuse” of the SEC’s form for flagging unreported data breaches was entirely foreseeable, according to Ilia Kolochenko, CEO of…

Source…