Last week, news broke that Spoutible, a Twitter alternative, had exposed sensitive user data thanks to a leaky API. In this post, I’ll explain what data was leaked and give you some tips to protect yourself from the fallout of future breaches. What happened? Someone (we don’t know who) discovered a vulnerability in Spoutible’s API, […]
Spoutible’s Leak & How to Protect Yourself Read More »
Last week, two Chicago based hospitals revealed they had been attacked by cybercriminals. LockBit strikes Saint Anthony Hospital Saint Anthony Hospital was targeted by LockBit, a prolific ransomware gang, in December. The gang posted the hospital on its leak site on January 31st and demanded to be paid nearly $900,000 to avoid leaking stolen hospital
Hackers Attack Two Chicago Hospitals Read More »
November was a busy month in the ransomware world. Two of the highest impact attacks were on Ardent Health Services and Fidelity National Financial, disrupting patient care and causing chaos in the housing market, respectively. But it wasn’t all bad news, thanks to the capture of ransomware criminals in Ukraine. Hospitals hacked Ardent Health Services
November Ransomware Roundup Read More »
If you use one of three popular genetics and genealogy services, you’ll soon have to set up two-factor authentication (2FA) on your account. With 2FA enabled, you’ll need to enter a code sent via text, email or generated by an app on your phone to complete the login process. Hackers target 23andMe 23andMe, Ancestry, and
Protect Your DNA with 2FA! Read More »
Two ransomware gangs had bad news in October, as their data leak sites were taken down. However, ransomware operators still caused havoc, with a new gang emerging and unlikely alliances forming between groups. Data leak sites taken down Ransomware gang Trigona was attacked by a group of hacktivists known as the Ukrainian Cyber Alliance (UCA).
October Ransomware Roundup Read More »
According to data from eCrime.ch, 462 organizations were listed on ransomware leak sites in September. This is up approximately 18% from August, which saw 390 organizations named and shamed on the dark web. The true number of successful ransomware attacks in both months is, however, likely much higher. That’s because organizations that are attacked but
September Ransomware Roundup Read More »
In T-Mobile related news this week, a faulty update exposed customer data, and T-Mobile authorized retailer Connectivity Source suffered a data breach. Faulty update mix-up The faulty T-Mobile update resulted in customers seeing other users’ sensitive data when logged in to their T-Mobile accounts. According to The Verge, who first broke the story on Wednesday,
T-Mobile Glitch Exposes Data, Plus Retailer Breached Read More »
According to data from eCrime.ch, 390 organizations were listed on ransomware leak sites in August. This is approximately an 18% decrease from July, which saw 478 organizations listed. The top five most targeted sectors in August were law (21), IT (18), construction (15), education (12), and government (11). 125 of the victim organizations, 32% of
August Ransomware Roundup Read More »
Educational organizations are often at the top of a cybercriminal’s list of potential targets. That’s because they hold a lot of valuable data but rarely have much budget for cybersecurity. Ransomware gangs, in particular, have been aggressively targeting the sector. In this post, I’ll dive into ransomware and the threat it poses to educational institutions,
Ransomware’s Threat to Education Read More »
On Wednesday, ransomware gang Cl0p began leaking the data it stole from Pension Benefits Information (PBI). The stolen data contains personal information, including SSNs, of customers of insurance and pension companies that work with PBI. Cl0p’s publication of this data puts these customers at risk of identity theft. So far, California Public Employees’ Retirement System
Pension Plan Holders at Risk of Identity Theft Read More »
After adding a Massachusetts school district to their dark web leak site last Wednesday, the Royal ransomware gang appears to have had a change of heart. In a lengthy statement shared by security researcher Dominic Alvieri on Twitter, the gang claimed they were no longer planning to release the stolen data and had instead deleted
Ransomware Gang Has a Change of Heart? Read More »
