Waqas reports that based on research by Sophos, the education sector is the most vulnerable and targeted by ransomware attacks. KEY FINDINGS 80% of lower education providers and 79% of higher education institutions reported ransomware attacks in the last year. Education is the most targeted industry by cybercriminals, primarily motivated by the high percentage...
The following is a machine translation of a press release from the Dutch Politie: Hundreds of (possible) buyers of stolen data have received a letter or email from the East Netherlands police, and people are also invited for a stop interview. This approach is a follow-up to an investigation from 2022. In May of...
Michael Elsen-Rooney reports: Following two high-profile data breaches, New York City’s Education Department has moved to shore up its cybersecurity protocols, increasing its vetting of software vendors and tightening email access for schools and parent leaders. Because of the new protocols, the school year has started without approvals for scores of programs, including popular...
The first time DataBreaches remembers hearing about the man who calls himself “USDoD” was when he posted a sales listing for member data from InfraGard. He had not only managed to acquire data on 80,000 members of an organization dedicated to protecting critical infrastructure, but his revelation of his method exposed some embarrassingly inept...
Ben Doherty reports: The Australian government may be liable for tens of millions of dollars in compensation to asylum seekers after it posted their personal details online while they were in immigration detention. The mass data breach, discovered by Guardian Australia in 2014, resulted in information being used, in some cases, to allegedly threaten asylum seekers,...
AlphV has posted a statement about their attack on MGM Resorts. They also post some scathing criticisms of journalists and news outlets for reporting inaccurately and not verifying sources. Of note, their statement also asserts, “The ALPHV ransomware group has not before privately or publicly claimed responsibility for an attack before this point. Rumors...
Following the Internet Organised Crime Assessment (IOCTA) 2023, today Europol published the spotlight report “Cyber Attacks: The Apex of Crime-as-a-Service”. It examines developments in cyber-attacks, discussing new methodologies and threats as observed by Europol’s operational analysts. The report also outlines the types of criminal structures that are behind cyber-attacks, and how these increasingly professionalised groups are...
September 12, 2023 TLP:CLEAR Report: 202309121400 Akira Ransomware Executive Summary Akira is a Ransomware-as-a-Service (RaaS) group that started operations in March 2023. Since its discovery, the group has claimed over 60 victims, which have typically ranged in the small- to medium-size business scale. Akira has garnered attention for a couple of reasons, such as...
A statement and FAQ by the Chambersburg Area School District, as shared by TriState Alert, appears below.The district offers its reasons (translation: excuses) for not answering the questions parents and the public really want to know: did the district pay ransom, and was personal information acquired by the attackers? Although the district did not...
DHS Pushes for Common Cyber Incident Reporting Definitions