PA Senate passes bills aimed at ransomware, data breaches

AP reports: Pennsylvania’s state Senate passed a package of legislation on Wednesday aimed at preventing data security breaches and requiring victims and law enforcement officials to be notified when they do happen. The bills’ passage comes barely two weeks after the state’s unemployment compensation system acknowledged that hackers changed bank account information in some...

Hacker steals $200,000 through Multichain bug, offers to return 80% to victim

Tim Copeland reports: The ongoing exploitation of the cross-chain protocol Multichain has now totaled $1.5 million, according to ZenGo co-founder Tal Be’ery. A bug in the protocol is being exploited by multiple blockchain wallets, with either one hacker or many behind the attacks. One of the hackers, who has stolen $200,000 through this bug, has offered some...

UK: Gloucester Council cyber attack linked to Russian hackers

BBC reports: A cyber attack which has knocked out parts of a council website has been linked to the work of Russian hackers. Gloucester City Council became aware that its IT systems had been affected on 20 December last year. Since then, the council’s online revenue and benefits, planning and customer services have been...

Moncler confirms ransomware attack and data breach

Sead Fadilpašić reports: Italian luxury fashion brand Moncler has confirmed it suffered a major ransomware attack that led to a data breach. In a press release, the company said that after the incident occurred in late December last year, it had received a ransomware demand, which it rejected, as it goes “against its founding principles”. As...

OpenSubtitles discloses successful extortion attempt, data breach

Catalin Cimpanu reports: OpenSubtitles, a website that provides free subtitles for movie fans, has disclosed today that it was hacked last year and subsequently paid a ransom to silence the hacker about the attack. The company disclosed today the incident after a copy of the stolen files leaked online and were indexed by the HaveIBeenPwned...

Kings Plant Barn the latest retailer hit by click-and-collect data breach

Chris Keall reports: Kings Plant Barn has contacted customers about a security breach to FlexBooker, the internet-based system it uses to organise click-and-collect bookings. Names, email addresses and collection times were exposed. But the gardening chain says no credit card, password details or mobile have been spilled. Read more at New Zealand Herald.

Albuquerque Schools Confirm Ransomware Attack, Resume Class

Cedar Attanasio reports confirmation of what many of us suspected: Albuquerque Public Schools officials  said Tuesday a cyber threat that forced the district to cancel classes for two days last week was a ransomware extortion attack. Read more at AP. The district is still saying that there is no evidence that any personal info...