Priscilla Alvarez and Sean Lyngaas report: Senior Department of Homeland Security officials are working to determine if a ransomware attack on government contractor Johnson Controls International has compromised sensitive physical security information such as DHS floor plans, according to internal DHS correspondence reviewed by CNN. Johnson Controls, a major manufacturer of alarm and building automation...
ChildFund in New Zealand has issued a public notice about a data breach involving a telemarketing company, Pareto Phone Limited. ChildFund had contracted with Pareto in 2014 to conduct fundraising activity on its behalf. ChildFund does not say when it may have stopped working Pareto, but Pareto suffered a cyberattack in April of this...
Graham Cluley writes: UK charities including Shelter, the RSPCA, the Dogs Trust, Battersea Dogs and Cats Home, and Friends of the Earth have warned their supporters that hackers have stolen their data following a breach at a supplier. The charities themselves haven’t been hacked. The problem instead lies with third-parties working with the charities...
Daniel Warren reports: The Mixin network was recently hit by a multi-million dollar hack. Mixin confirmed that over $200 million worth of cryptocurrencies were wiped from its mainnet due to a security breach on September 23. According to recent data, this is equivalent to half of the net TVL of all mixin-based protocols. In...
Well, we expected there would be a lot of schools notified by the National Student Clearinghouse about the MOVEit breach, but now we have a bit more of the scope. NSC has notified the California Attorney General’s Office on behalf of almost 900 schools. Their notification letter to those affected indicated that the types...
Nansen Warns Of Potential Phishing Attacks Following Vendor Security Incident Exposing Customer Data
Liam ‘Akiba’ Wright reports: Crypto analytics platform Nansen has revealed that a bad actor accessed its admin system to provision customer accounts. On Sept. 20, a security breach by one of Nansen’s third-party vendors led to compromised customer access, underscoring the ever-present digital risk, particularly in the continually evolving arena of blockchain technology and...
Add yet one more business associate to those affected by the Clop attack on Progress Software MOVEiT. Nuance has disclosed that it was affected by the May attacks. Although no number was revealed, the Microsoft-owned technology firm stated it was disclosing on behalf of: Atrium Health, the Charlotte-based health care system giant. Catawba Valley...
Haseeb Shaheen reports: In a recent turn of events, the claims portal for the globally renowned cryptocurrency exchange FTX has resumed its full-fledged operation. The operations were suspended following a security incident that took place with Kroll, the third-party agent responsible for handling the creditor claims amidst the ongoing FTX bankruptcy. The cybersecurity incident is...
The Defense Post reports: Colombia has reported a massive cyberattack affecting dozens of government websites and impacting countries across Latin America. Local media said Thursday that key websites — such as the justice, health, and culture ministries as well as several hospitals — had been affected by a ransomware attack. The presidency said in...
Gretchen Hjelmstad reports: The imaging vendor Sanford Health uses for its mobile heart screen trucks, DMS Health Technologies, experienced a data security incident between March 27 and April 24, 2023. According to Sanford Health, patient information was potentially compromised including name, date of birth, date of service, physician name and exam type. Sanford Health...