Hack

Bits ‘n Pieces (Trozos y Piezas)

CR: CONASSIF Hacked With Chinese Characters El Consejo Nacional de Supervisión del Sistema Financiero (CONASSIF) is involved with the Costa Rican financial system. On March 20, the Computer Security Incident Response Center (CSIRT-CR) on the website of the Ministry of Science, Innovation, Technology and Telecommunications (MICITT), issued an alert involving the website of CONASSIF...

Rio Tinto data vendor GoAnywhere’s possible breach spotted in Jan-end

CNA reports: U.S. cybersecurity firm Fortra said suspicious activity was identified within its GoAnywhere software nearly two months ago, a day after Rio Tinto in a staff memo said personal data of some of its Australian employees may have been stolen. The internal memo seen by Reuters on Thursday revealed payroll information, like payslips...

More victims possibly identified in GoAnywhere vulnerability incident

Zack Whittaker and Carly Page report: The number of victims affected by a mass-ransomware attack, caused by a bug in a popular data transfer tool used by businesses around the world, continues to grow as another organization tells TechCrunch that it was also hacked. Canadian financing giant Investissement Québec confirmed to TechCrunch that “some employee...

Stung by Free Decryptor, Ransomware Group Embraces Extortion

Mathew J. Schwartz reports: Not all ransomware groups wield crypto-locking malware. In their continuing quest for extortionate profits, some have moved away from encryption and pressure victims purely by threatening to leak stolen data unless they receive a ransom payment. This seems to have been the case for BianLian, a prolific ransomware group that...

Attack on WB CTC targeted financial info in Skyward system

Update:  BlackCat has claimed responsibility for the attack. There’s an update to the data breach affecting Wilkes-Barre Career and Technical Center, previously noted on this site. Mark Guydish reports: Guariglia said the FBI is still investigating and that there is no new information on what happened or who conducted the attack, which appeared to...

Ferrari hacked; doesn’t pay $1 million ransom demand

Not only was Ferrari dealing with grid penalty and car development problems with their F1 car this past week, but it now seems they were also dealing with a cybersecurity incident. Ferrari has revealed that it was the victim of a data breach and extortion demand. The firm’s email to customers, reproduced below, states...

After Data Breaches, Lawsuits Hit Two Arkansas Hospitals

Mark Friedman reports: After dealing with the financial effects of COVID-19, hospitals are facing a new threat: lawsuits following cyberattacks. Since January, four lawsuits have been filed against both Howard Memorial Hospital of Nashville and against the Mena Hospital Commission, which operates as the Mena Regional Health System. The lawsuits allege the hospitals were...