Sergiu Gatlan reports: Air France and KLM have informed Flying Blue customers that some of their personal information was exposed after their accounts were breached. Flying Blue is a loyalty program allowing clients of multiple airlines, including Air France, KLM, Transavia, Aircalin, Kenya Airways, and TAROM, to exchange loyalty points for various rewards. Read...
Hive ransomware gang has added another healthcare-related victim to its leak site. This time, the victim is Consulate Health Care (CHC), a chain of service providers with a troubled financial history. Enter Hive, Stage Left Hive’s listing for CHC indicates that they locked CHC’s files on December 3. Hive has already leaked some of...
January 04, 2023 TLP:CLEAR Report: 202301041300 Executive Summary Clop operates under the Ransomware-as-service (RaaS) model, and it was first observed in 2019. Clop was a highly used ransomware in the market and typically targeted organizations with a revenue of $5 million U.S. Dollars (USD) or higher. Since its appearance, HC3 is aware of attacks...
MX: BlackCat claims attack on Grupo Estrategas EMM ALPHV, aka BlackCat, claims to have attacked Grupo Estrategas EMM, but the ransomware group has not as yet uploaded any proof of claims. Nor has the insurance firm posted any notice on its website or social media indicating any incident. The insurer has not responded to...
James Pearson and Christopher Bing reports: A Russian hacking team known as Cold River targeted three nuclear research laboratories in the United States this past summer, according to internet records reviewed by Reuters and five cyber security experts. Between August and September, as President Vladimir Putin indicated Russia would be willing to use nuclear weapons to...
Jonathan Holmes reports: Highly confidential documents from 14 schools have been leaked online by hackers, the BBC can reveal. One of those was Pates Grammar School in Gloucestershire, targeted by a hacking group called Vice Society. The documents, seen by the BBC, include children’s SEN information, child passport scans, staff pay scales and contract...
Rachel Ward reports: Victoria’s fire service has reassured employees their personal details have not been posted to the dark web after the organisation was hit by a cyber attack. Fire Rescue Victoria’s IT systems, including dispatch, phones and email, were affected when online criminals hacked the service in December. Read more at Kalgoorlie Miner....
Remember when Britton White and DataBreaches discussed employees having their work credentials compromised by infostealers and how employers might want to require employees to notify them whenever an employee’s device was compromised if the device had stored login credentials? University of Miami Health posted a breach notice this week that caught my eye. From...
Maternal & Family Health Services (“MFHS”) in Pennsylvania has issued a press release about what they describe as a “sophisticated ransomware incident.” At this point, given so many ransomware attacks over the past few years, DataBreaches has no idea what would be considered “sophisticated.” In any event, MFHS began notifying potentially affected individuals, including...
Report: 25% of Districts Victimized by Cyber Attacks in 2022