The Brain Cipher ransomware group claims they orchestrated a cyberattack on several French national museums, including the iconic Le Grand Palais, during the recent Olympic Games. They allege they have stolen 300GB of data and plan to leak it today. The attack targeted financial systems related to 40 institutions overseen …
A new malware campaign targeting Magento-based online stores has surfaced, with cybercriminals injecting digital skimmers to steal credit card details. These skimmers capture information like card numbers, expiration dates, and CVV codes during the checkout process. The attackers exploited a common vulnerability across hundreds of stores, resulting in over a …
The Everest ransomware group, a Russian-speaking threat actor, has intensified its focus on the U.S. healthcare sector. This group, active since 2020, recently claimed responsibility for attacks on medical care providers in New York and Nevada, stealing sensitive patient and doctor information. Everest’s activities include ransomware operations and selling unauthorized …
Security researchers at Palo Alto Networks uncovered a large-scale extortion campaign exploiting misconfigured cloud environments. Attackers targeted over 110,000 domains by accessing exposed .env files, which contained sensitive information like AWS IAM keys, SaaS API keys, and database logins. These misconfigurations allowed attackers to infiltrate cloud environments, exfiltrate data, and …
There were no email addresses in the social security number files. If you find yourself in this data breach via HIBP, there’s no evidence your SSN was leaked, and if you’re in the same boat as me, the data next to your record may not even be correct.
In August, hackers leaked 2.7 billion records from National Public Data on a dark web forum. The data includes Social Security numbers and other sensitive information. The breach, tied to the cybercriminal group USDoD, affected individuals in the U.S., U.K., and Canada. The stolen records, shared in two CSV files …
Ransomware attacks surged in the first half of 2024, with Rapid7 reporting more than 2,570 incidents—an average of 14 attacks per day. The number of criminal groups has expanded, increasing pressure on victims, as 68 groups posted 2,611 data leaks, a 23% rise from last year. Despite law enforcement efforts, …
Jerico Pictures Inc., operating as National Public Data, exposed nearly 3 billion personal records in an April data breach. On April 8, the cybercriminal group USDoD listed the “National Public Data” database for sale on a dark web forum, demanding $3.5 million. The breach, one of the largest ever, includes …
Ransomware attacks have become a relentless threat, with nearly one-third of companies paying a ransom four or more times in the past year to regain access to their systems, according to Semperis. More than a third of companies either didn’t receive decryption keys or received corrupted ones, leaving them without …
Healthcare organizations are vulnerable to data breaches due to insecure file-sharing practices. Metomic reports that 25% of publicly shared files and 68% of private files shared externally contain Personal Identifiable Information (PII). 77% of private files shared internally hold sensitive data. Failing to update or remove access permissions leaves organizations …
