LastPass’s August incident contributed to a new incident

There’s an update to the LastPass security incident they disclosed in August. LastPass had released its findings from that incident in a September update, posted on their site. But now there’s another a new disclosure involving an incident facilitated by the August incident.  LastPass’s CEO, Karim Toubba, writes: We recently detected unusual activity within a...

Sandworm gang launches Monster ransomware attacks on Ukraine

Jeff Burt reports: The Russian criminal crew Sandworm is launching another attack against organizations in Ukraine, using a ransomware that analysts at Slovakian software company ESET are calling RansomBoggs. In a Twitter thread, the ESET researchers wrote that they had detected RansomBoggs deployed within the networks of “multiple organizations in Ukraine.” While some aspects of...

Connexin Software notifies parents of 2.2 million pediatric patients of hack

Connexin Software, a business associate to numerous pediatric practices, recently notified HHS that it experienced a breach that affected 2,216,365 patients. One thing DataBreaches noted with interest in their substitute notice below is their statement that an unauthorized individual was able to access an offline set of patient data used for data conversion and...

Liability for cyber attacks clarified by Ontario Court of Appeal

Molly Reynolds, Nic Wall, and Shalom Cumbo-Steinmetz of Torys LLP write: The Ontario Court of Appeal released a trilogy of decisions on November 25 on the availability of the “intrusion upon seclusion” tort in data breach class actions. At issue was whether the tort can be used against corporate defendants that had been hacked...

Trigona ransomware spotted in increasing attacks worldwide

Lawrence Abrams reports: A previously unnamed ransomware has rebranded under the name ‘Trigona,’ launching a new Tor negotiation site where they accept Monero as ransom payments. Trigona has been active for some time, with samples seen at the beginning of the year. However, those samples utilized email for negotiations and were not branded under...