DataBreach

T-Mobile Glitch Exposes Data, Plus Retailer Breached

In T-Mobile related news this week, a faulty update exposed customer data, and T-Mobile authorized retailer Connectivity Source suffered a data breach. Faulty update mix-up  The faulty T-Mobile update resulted in customers seeing other users’ sensitive data when logged in to their T-Mobile accounts.  According to The Verge, who first broke the story on Wednesday, …

T-Mobile Glitch Exposes Data, Plus Retailer Breached Read More »

August Ransomware Roundup

According to data from eCrime.ch, 390 organizations were listed on ransomware leak sites in August. This is approximately an 18% decrease from July, which saw 478 organizations listed. The top five most targeted sectors in August were law (21), IT (18), construction (15), education (12), and government (11).  125 of the victim organizations, 32% of …

August Ransomware Roundup Read More »

Ransomware’s Threat to Education

Educational organizations are often at the top of a cybercriminal’s list of potential targets. That’s because they hold a lot of valuable data but rarely have much budget for cybersecurity. Ransomware gangs, in particular, have been aggressively targeting the sector.  In this post, I’ll dive into ransomware and the threat it poses to educational institutions, …

Ransomware’s Threat to Education Read More »

Pension Plan Holders at Risk of Identity Theft

On Wednesday, ransomware gang Cl0p began leaking the data it stole from Pension Benefits Information (PBI). The stolen data contains personal information, including SSNs, of customers of insurance and pension companies that work with PBI. Cl0p’s publication of this data puts these customers at risk of identity theft. So far, California Public Employees’ Retirement System …

Pension Plan Holders at Risk of Identity Theft Read More »

The Fallout from Cl0p’s Attack is Growing

The fallout from ransomware gang Cl0p’s massive, worldwide attack continues to grow. Police departments, state and federal agencies, and numerous companies are among the known victims. Recap Cl0p stole data from hundreds of organizations by exploiting a vulnerability in popular file transfer software MOVEit at the end of May. The cybercriminals then told organizations to …

The Fallout from Cl0p’s Attack is Growing Read More »

Cl0p Starts Naming Victims

Yesterday, ransomware gang Cl0p began listing organizations affected by its exploit of file transfer software MOVEit. The gang used the exploit to steal data from potentially hundreds of companies around the world at the end of May. The gang had previously instructed affected companies to begin negotiations by June 14th to avoid being named and …

Cl0p Starts Naming Victims Read More »

Two States Fall Victim to Ransomware Attack

On Friday, the State of Illinois and the Minnesota Department of Education both revealed they were victims of the Cl0p ransomware gang. Cl0p exploited a vulnerability in file transfer software MOVEit at the end of May, breaching up to hundreds of organizations worldwide. Minnesota Department of Education The Minnesota Department of Education (MDE) reported that …

Two States Fall Victim to Ransomware Attack Read More »

Cl0p Tells Companies to Begin Negotiations

Ransomware gang Cl0p has exploited a vulnerability in file transfer software MOVEit to compromise companies around the world. Security researcher Kevin Beaumont estimates “there are over one hundred” organizations affected by the attack, with British Airways, the BBC and Boots already confirmed as victims. Cl0p posted a message to companies who use MOVEit on their …

Cl0p Tells Companies to Begin Negotiations Read More »

Negotiating with Ransomware Gangs

Valéry Marchive, a cybersecurity journalist, has published chat logs of negotiations between ransomware gangs and their victims. The goal, he explained in a Twitter thread, is to provide a resource for ransomware victims and researchers, since “What happens during #ransomware negotiations is rarely widely shared.” Background to the chats The chats take place after companies …

Negotiating with Ransomware Gangs Read More »