Hack

Fintech firm hit by log4j hack refuses to pay $5 million ransom

Ax Sharma reports: One of the largest Vietnamese crypto trading platforms, ONUS, recently suffered a cyber attack on its payment system running a vulnerable Log4j version. Soon enough, threat actors approached ONUS to extort a $5 million sum and threatened to publish the customer data should ONUS refuse to comply. After the company’s refusal to pay the ransom, threat actors put up...

Saskatchewan Liquor and Gaming Authority investigating Christmas Day cybersecurity incident

Kimberley Fowler reports: The Saskatchewan Liquor and Gaming Authority (SLGA) reports that it has temporarily disabled certain computer systems and applications, as it investigates a cybersecurity incident that occurred on Dec. 25. SLGA states it does not have any evidence that the security of any customer, employee or other personal data has been misused, and asks for patience...

Ninth Circuit overturns $1.7 million restitution order for Russian hacker

Maria Dinzeo reports: Russian hacker Yevgeniy Nikulin is off the hook for $1.7 million in restitution a federal judge ordered him to pay four tech companies whose user databases he breached in 2012. The Ninth Circuit overturned the award Wednesday, finding insufficient support for the amount of resources the companies claim to have spent trying to...

Oops, did we miss these education sector breaches for k-12?

Came across these today while researching something else, so I thought I would just list them here for those who track k-12 breaches. Coffeyville School District in Kansas had a data security incident in July of 2020 that they detected in August of 2020. Their notification letter of February 2021 indicates that names and...

Hackers attack Israeli hiking websites, leak personal information

Tzvi Joffre reports: A hacker group called Sharp Boys announced that it had hacked two Israeli hiking websites on Saturday, leaking the information of 100,000 users and offering the information of around three million people for sale. The leaked data includes emails, addresses, photos and phone numbers. The two affected sites were Tiyuli and...