IT Governance

FEBRUARY 21, 2019

Hello, and welcome to the IT Governance podcast for Thursday, 21 February 2019. The researchers explain that: “All password managers [they] examined sufficiently secured user secrets while in a ‘not running’ state. Each password manager also attempted to scrub secrets from memory. Here are this week’s stories.

Passwords 76

Passwords Data breaches Retail Government 76

IT Governance

JULY 1, 2020

Amtrak resets user passwords after Guest Rewards data breach (unknown). Florence, AL, government hit by cyber attack (unknown). China launches cyber attacks on government websites and banks following India massacre (unknown). Australian government bombarded by cyber attacks (unknown). Ransomware.

Data breaches 140

Data breaches Ransomware Retail Personal data 140

IT Governance

FEBRUARY 1, 2022

Ransomware. Gloucester Council cyber attack linked to Russian hackers (unknown) Parents warned after scam emails at Liverpool secondary school (unknown) DatPiff data being sold online after password-cracking attack (7.5 If you find yourself facing a cyber security disaster, IT Governance is here to help. Ransomware.

Data breaches 132

Data breaches Ransomware Phishing Retail 132

IT Governance

OCTOBER 3, 2022

Ransomware. If you’re facing a cyber security disaster, IT Governance is here to help. Ransomware. Costa Rica’s Junta De Proteccion Social hit by ransomware (unknown) Former students and staff at Savannah College of Art and Design affected by security incident (unknown) Ransomware attack takes down L.A.

Data breaches 143

Data breaches Ransomware Education Phishing 143

IT Governance

APRIL 12, 2022

IT Governance discovered 266 security incidents between January and March 2022, which accounted for 75,099,482 breached records. We also place ransomware in its own category, due in part to the frequency of attacks and in order to differentiate it from intrusions that may be harder to detect, such as password breaches.

Data breaches 115

Data breaches Ransomware Government Retail 115

IT Governance

JANUARY 9, 2023

IT Governance discovered 1,063 security incidents in 2022, which accounted for 480,014,323 breached records. We also give ransomware its own category, due in part to the frequency of attacks and to differentiate it from intrusions that may be harder to detect, such as password breaches. That represents an 14.8%

Data breaches 126

Data breaches Ransomware Government Passwords 126

IT Governance

OCTOBER 19, 2022

IT Governance identified 285 publicly disclosed security incidents between July and September 2022, which accounted for 232,266,148 compromised records. We also place ransomware in its own category, due in part to the frequency of attacks and in order to differentiate it from intrusions that may be harder to detect, such as password breaches.

Data breaches 116

Data breaches Ransomware Phishing Government 116

IT Governance

JULY 11, 2022

IT Governance discovered 237 security incidents between April and June 2022, which accounted for 99,019,967 breached records. We also place ransomware in its own category, due in part to the frequency of attacks and in order to differentiate it from intrusions that may be harder to detect, such as password breaches.

Data breaches 105

Data breaches Ransomware Phishing Government 105

IT Governance

MARCH 11, 2024

According to a listing on a popular hacking forum, the database includes customers’ names, email addresses, hashed passwords, and more. Source (New) Retail Italy Yes 436,932 Toner-dumping.de The claim is yet to be verified. Data breached: 36 million records. TB Paysign, Inc.

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

IT Governance

JANUARY 4, 2021

Ransomware. Ransomware. We’ll have a separate post looking at the year’s data breaches and cyber attacks in more detail, but in the meantime, you can find the full list of December’s incidents below. As usual, incidents affecting UK organisations are in bold. Cyber attacks. Data breaches. Financial information. In other news….

Data breaches 116

Data breaches Ransomware Energy and Utilities Computer and Electronics 116

IT Governance

DECEMBER 1, 2020

Ransomware. Ransomware. The majority of those came from a credential-stuffing attack targeting Spotify and a data leak at the messaging app GO SMS Pro, which you can learn more about below. Here is our complete list of November’s cyber attacks and data breaches. As usual, incidents affecting UK organisations are in bold.

Data breaches 137

Data breaches Ransomware e-Discovery Personal data 137

IT Governance

MAY 7, 2024

At least 191 Australian organisations affected by ZircoDATA ransomware attack The ransomware group BlackBasta listed Australia-based ZircoDATA as a victim in February, allegedly exfiltrating 395 GB of data. Source (New) Construction USA Yes 489 ClearVision Optical Source (New) Retail USA Yes 261 Symphony Financial, LLC.

Data breaches 59

Data breaches Education Manufacturing Retail 59

IT Governance

NOVEMBER 29, 2019

NordVPN users’ passwords exposed in mass credential-stuffing attacks (2,000). Ransomware. NM-based Las Cruces Public School computers still offline after ransomware (24,710). Two major Spanish companies have been hit by ransomware: IT consultancy Everis (unknown). Watertown, CT, school system hit by ransomware (2,765).

Data breaches 143

Data breaches Ransomware Phishing Passwords 143

IT Governance

JULY 13, 2021

IT Governance discovered 377 security incidents between April and June 2021, which accounted for 1,224,539,395 breached records. We also place ransomware in its own category, due in part to the frequency of attacks and in order to differentiate it from intrusions that may be harder to detect, such as password breaches.

Data breaches 98

Data breaches Retail Ransomware Government 98

IT Governance

SEPTEMBER 27, 2018

There were also a few more reported ransomware incidents than normal, some of which saw the victims paying the fine – something most security professionals advise against. Cyber Attacks and Ransomware. Ransomware Attacks Conway, Companies out Thousands. Chegg resets 40 million user passwords after data breach.

Data breaches 111

Data breaches Passwords Ransomware Phishing 111

IT Governance

JANUARY 3, 2020

Hackers break into government system used by the country’s schools (unknown). Singapore-based retailer Love, Bonito apologises to customers after malware infection (unknown). Chinese government-linked hacking group has been bypassing 2FA in a wave of attacks (unknown). Ransomware. Henry Co.,

Data breaches 116

Data breaches Ransomware Phishing Government 116

IT Governance

OCTOBER 31, 2019

Students forced to reset passwords after learning platform Naivance hacked (1,343). A DDoS gang is extorting business posing as Russian government hackers (unknown). Ransomware. Victoria government insists patient data is safe after ransomware attack (unknown). Ransomware in Jasper Co.,

Data breaches 92

Data breaches Ransomware Phishing Retail 92

IT Governance

JUNE 1, 2023

IT Governance is dedicated to helping organisations tackle the threat of cyber crime and other information security weaknesses. A month later, a ransomware attack shut down the company’s operations in Italy and China. However, PharMerica has made no mention of ransomware in neither public statements nor its breach disclosure.

Data breaches 122

Data breaches Insurance Personal data Ransomware 122

IT Governance

APRIL 12, 2023

Overview IT Governance discovered 310 security incidents between January and March 2023, which accounted for 349,171,305 breached records. We also place ransomware in its own category, due in part to the frequency of attacks and in order to differentiate it from intrusions that may be harder to detect, such as password breaches.

Data breaches 59

Data breaches Ransomware Government Encryption 59

IT Governance

JANUARY 9, 2020

Ransomware will continue to increase. The complexity of ransomware is such that there have been decoders released by attackers that have bugs that prevent the decryption of the data. The retail and hospitality industries will continue to have their POS equipment targeted. Open banking will be targeted.

Security 98

Security IoT Phishing Ransomware 98

IT Governance

JANUARY 23, 2024

The leaked information allegedly includes customers’ names, dates of birth, email addresses, passwords and phone numbers. Data breached: 10,870,524 lines. Publicly disclosed data breaches and cyber attacks: full list This week, we’ve found 130,036,285 records known to be compromised, and 116 organisations suffering a newly disclosed incident.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IT Governance

AUGUST 29, 2019

Multiple sites affiliated with the University of Florida student government hacked (unknown). Internet hosting provider Hostinger resets users’ passwords after security breach (14 million). Ransomware. Ransomware strain targets German organisations, wipes files (unknown). Virginia’s New Kent Co.

Data breaches 111

Data breaches Phishing Ransomware Personal data 111

Security Affairs

OCTOBER 10, 2020

TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. The TA505 group was involved in campaigns aimed at distributing the Dridex banking Trojan, along with Locky , BitPaymer , Philadelphia , GlobeImposter , and Jaff ransomware families.

Authentication 114

Authentication Retail Passwords Ransomware 114

The Last Watchdog

MAY 2, 2019

Certain verticals, namely the government and transportation sectors, gave themselves a positive preparedness rating; meanwhile the hospitality, legal and retail sectors were much less positive about their cybersecurity preparedness. So far in 2019, we’re seeing another shift back to ransomware, Gill told me.

Risk 182

Risk Cybersecurity Passwords Ransomware 182

eSecurity Planet

FEBRUARY 16, 2021

Ransomware. Organizations can help prevent their computers from becoming part of a botnet by installing anti-malware software, using firewalls , keeping software up-to-date, and forcing users to use strong passwords. Always change the default passwords for any IoT devices you install before extended use. Jump ahead: Adware.

Phishing 104

Phishing Ransomware Passwords Access 104

KnowBe4

MARCH 7, 2023

The most critical affected Ukraine: Several thousand satellite systems that President Volodymyr Zelenskiy's government depended on were all down, making it much tougher for the military and intelligence services to coordinate troop and drone movements in the hours after the invasion." government. Ukrainians paid the price.

Phishing 79

Phishing Ransomware Cybersecurity Security awareness 79

IT Governance

MAY 24, 2024

For example, not so long ago, LockBit [an infamous ransomware gang] got taken down. And various other ransomware groups, including Ragnar Locker and Black Basta , suffered the same fate. If you’re a retailer, you’re going to see way more web traffic than usual. We had a client that had been compromised with ransomware.

Risk 118

Risk Security Ransomware Phishing 118

IT Governance

DECEMBER 30, 2019

The NHS was criticised for signing a deal with Amazon that allowed patients to access their health information via its Alexa voice assistant – potentially granting the online retail giant access to vast amounts of sensitive personal data. The Mexican oil company Pemex suffered a ransomware attack that demanded US$4.9 million (£3.82

Data breaches 78

Data breaches Personal data GDPR Ransomware 78

IT Governance

JUNE 8, 2023

Despite an array of technological solutions designed to counter phishing attacks – from antimalware software to password protections – the main weapon in anyone’s arsenal should be knowledge and awareness. A UK government study found that half of adults said they had received a phishing message in the previous month.

Phishing 111

Phishing Data breaches Communications Government 111

KnowBe4

DECEMBER 6, 2022

"The services of the website allowed those who sign up and pay for the service to anonymously make spoofed calls, send recorded messages, and intercept one-time passwords," Europol says. Ransomware, Ransom-war and Ran-some-where: What We Can Learn When the Hackers Get Hacked. Ransomware strikes organizations almost every two seconds.

Security awareness 88

Security awareness Phishing Risk Insurance 88

IT Governance

SEPTEMBER 30, 2019

Ransomware. Police investigate after ransomware found on Sherman School, CT, systems (unknown). Flagstaff, AZ, school district hit by ransomware (unknown). Thousands of Linux servers infected with new Lilocked ransomware (unknown). Utah-based Premier Family Medical notifies patients of ransomware attack (320,000).

Data breaches 22

Data breaches Ransomware Personal data Military 22