Equifax to Pay $575m in Data Breach Settlement
22nd July 2019 | Company: Equifax | Reported Here
In a settlement between Equifax and the United States, the Federal Trade Commission (FTC) and Consumer Financial Protection Bureau (CFPB), Equifax will pay $575 million for damages related the to 2017 data breach, according to today’s press release.
The allegations against Equifax claimed that the company failed to take “reasonable steps to secure its network led to a data breach in 2017 that affected approximately 147 million people,” the release stated.
“In its complaint, the FTC alleges that Equifax failed to secure the massive amount of personal information stored on its network, leading to a breach that exposed millions of names and dates of birth, Social Security numbers, physical addresses, and other personal information that could lead to identity theft and fraud.”
Iranian Hackers attack linkedin users with phishing campaigns
22nd July 2019 | Website : Linkedin | Reported Here
Iranian Hackers attack Iranian hackers have launched a new malware attack. The cyber attack is initiated from social networking site, LinkedIn, and begins with an invitation to connect online. When the recipient accepts the LinkedIn connection, the hacker then attempts to trick the user into downloading malicious files. The malware attack was discovered in June by cyber security research firm FireEye. The cyber attack is being carried out by Advanced Persistent Threat Group APT34 which is an Iranian state sponsored hacking organization.
‘Wizard’ cybersecurity expert charged with record hack of Bulgarian tax agency
17th July 2019 | Target : Governments agency| Reported Here
A cybersecurity expert accused of hacking the data of more than 5 million Bulgarian taxpayers was released by police Wednesday after his charges were downgraded.
Kristian Boykov, a 20-year-old Bulgarian cybersecurity worker, was arrested in Bulgaria’s capital Sofia last week in connection to the breach. Police raided his home and seized computers and mobile devices with encrypted information. The hacker was found by police through the computer and software used in the attack, according to the Sofia prosecutor’s office.
TrickBot malware may have hacked 250 million email accounts
13th July 2019 | Target : Governments | Reported Here
Malicious actors behind the information-stealing malware TrickBot have added a new module that has helped them illicitly gather a database of 250 million legitimate email addresses.
Millions of these harvested addresses are linked to government agencies and employees in the U.S., according to Deep Instinct, whose researchers uncovered the new module and the giant database. In all likelihood, these addresses were collected for the purpose of targeting them in future TrickBot operations, explains a July 12 blog post by Deep Instinct malware and cyber intelligence expert Shaul Vilkomir-Preisman, who was assisted by fellow researcher Tom Nipravski.
Hackers Steal $32M Of Crypto From Japanese Exchange
12th July 2019 | Country: Japan | Reported Here
A cryptocurrency exchange in Japan has admitted that it was hacked and lost 3.5 billion yen ($32 million) of digital currency, according to reports.
The company, based in Tokyo, is called Remixpoint, and it runs an exchange called BITPoint. The company also has used car, travel and energy businesses. The company apologized for the hack on Friday (July 12), saying that the losses were confirmed a day before.
The complete picture of the hack and theft is under investigation, and the theft included Bitcoin, Ethereum, Ripple and other well known digital currencies.
Two-thirds of the losses affected customers of the exchange, the company said, and the rest belonged to the company. Transactions have been stopped in the meantime.
Hackers Demand $2 Million From Monroe
11th July 2019 | Target: Monroe College | Reported Here
A ransomware attack at New York City’s Monroe College has shutdown the college’s computer systems at campuses located in Manhattan, New Rochelle and St. Lucia.
According to the Daily News, Monroe College was hacked on Wednesday at 6:45 AM and ransomware was installed throughout the college’s network. It is not known at this time what ransomware was installed on the system, but it is likely to be Ryuk, IEncrypt, or Sodinokibi, which are known to target enterprise networks.
Reports indicate that the attackers are asking for 170 bitcoins or approximately $2 million dollars in order to decrypt the entire college’s network. The college has not indicated at this time whether they will be paying the ransom or restoring from backups while gradually bringing their network back online.
NHS Faced 11m+ Attacks Over Past Three Years
10th July 2019 | Target: NHS | Reported Here
The National Health Service’s email systems were attacked more than 11 million times in the last three years, according to new information from NHS Digital.
That’s more than 12,000 attacks a day, 500 attacks an hour, more than eight attacks every minute, for three years straight.
The numbers come courtesy of a Freedom of Information request and describes exactly the pressure NHSmail infrastructure system is facing.
NHS Digital says the NHSmail system blocked 11,352,000 email attacks. The highest ranking attacks are IP or domain reputation attacks (more than six million), followed by spam (3.6 million). A total of 852,000 incidents were recorded as anti-virus.
Cyber-Attacks Cost Global Firms $45bn in 2018
10th July 2019 | Target: Local Goverment | Reported Here
An estimated two million cyber attacks in 2018 resulted in more than $45 billion in losses worldwide as local governments struggled to cope with ransomware and other malicious incidents.
The Internet Society’s Online Trust Alliance (OTA), which identifies and promotes security and privacy best practices that build consumer confidence in the Internet, released its Cyber Incident & Breach Trends Report, which found the financial impact of ransomware rose by 60%, losses from business email compromise (BEC) doubled, and cryptojacking incidents more than tripled, all despite the fact that overall breaches and exposed records were down in 2018.
Marriott to face $123 million fine by UK authorities over data breach
9th July 2019 | Company: Marriott | Reported Here
U.S. hotel group Marriott has become the second firm to face a massive GDPR fine as the UK regulator continues on its rampage. The hotel group, which suffered a breach last year, could face a fine of over £99 million ($123 million). It shows the global impact of the regulation, which covers the personal data of EU citizens.
In a statement of the regulator’s intention to fine Marriott International, UK Information Commissioner Elizabeth Denham said: “The GDPR makes it clear that organisations must be accountable for the personal data they hold. This can include carrying out proper due diligence when making a corporate acquisition, and putting in place proper accountability measures to assess not only what personal data has been acquired, but also how it is protected.
Canonical GitHub account hacked
7th July 2019 | Company: Canonical LTD| Reported Here
Canonical Ltd, the company behind the popular Ubuntu Linux distribution, has had its software repositories on Github hacked by unknown attackers.
The hack appears to be limited to a defacement, with 11 new repos sequentially named CAN_GOT_HAXXD_1, `with no existing data being changed or deleted.
A Canonical spokesperson confirmed the attack to iTnews.
“We can confirm that on 2019-07-06 there was a Canonical owned account on GitHub whose credentials were compromised and used to create repositories and issues among other activities.