IT Governance

JANUARY 9, 2023

IT Governance discovered 1,063 security incidents in 2022, which accounted for 480,014,323 breached records. Criminal hackers are always developing new techniques to outsmart defences, and as soon as organisations develop tools that are effective against one method of attack, criminals move on to something else. That represents an 14.8%

Data breaches 126

Data breaches Ransomware Government Passwords 126

eSecurity Planet

JANUARY 5, 2023

After a year that saw massive ransomware attacks and open cyber warfare, the biggest question in cybersecurity for 2023 will likely be how much of those attack techniques get commoditized and weaponized. 2022 was notable for the spread of ransomware as a service (RaaS). Trade Cyberthreats. RaaS and CaaS Continue to Grow.

Security 145

Security Ransomware Cybersecurity Privacy 145

IT Governance

JANUARY 4, 2021

Ransomware. Ransomware. We’ll have a separate post looking at the year’s data breaches and cyber attacks in more detail, but in the meantime, you can find the full list of December’s incidents below. As usual, incidents affecting UK organisations are in bold. Cyber attacks. Data breaches. Financial information. In other news….

Data breaches 116

Data breaches Ransomware Energy and Utilities Computer and Electronics 116

Security Affairs

FEBRUARY 6, 2022

If you want to also receive for free the newsletter with the international press subscribe here.

Security 82

Security Ransomware Phishing Retail 82

IT Governance

FEBRUARY 21, 2024

ALPHV/BlackCat ransomware gang adds 2.7 TB of ASA Electronics data to its leak site The ALPHV/BlackCat ransomware gang is attempting to extort a ransom from ASA Electronics for 2.7 It is not known how long the database was publicly available, nor whether anyone else accessed it. Date breached: 384,658,212 records. Data breached: 2.7

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52

Security Affairs

OCTOBER 10, 2020

TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. The TA505 group was involved in campaigns aimed at distributing the Dridex banking Trojan, along with Locky , BitPaymer , Philadelphia , GlobeImposter , and Jaff ransomware families.

Authentication 121

Authentication Retail Passwords Ransomware 121

The Last Watchdog

MAY 2, 2019

Cyber criminals in today’s environment have ready access to powerful tools — and innumerable support services — available on the Dark Net to anyone wishing to attempt to plunder businesses. In the not-so-distant past, only elite hackers had access to high-end, cutting-edge hacking tools. Talk more soon.

Risk 182

Risk Cybersecurity Passwords Ransomware 182

IT Governance

FEBRUARY 14, 2024

GB City of Clemson, South Carolina Source New Public USA Yes 21,056 DGX-Dependable Hawaiian Express Source New Professional services USA Yes 20 GB Verdimed Source New Agricultural Spain Yes 19 GB Watchmax Source New Retail UK Yes 15,000 Del-Tron Precision Source New Manufacturing India Yes 8.9 GB Signature Performance, Inc.

Data Privacy 52

Data Privacy Manufacturing Privacy Security 52

IT Governance

JANUARY 9, 2020

Ransomware will continue to increase. The complexity of ransomware is such that there have been decoders released by attackers that have bugs that prevent the decryption of the data. The retail and hospitality industries will continue to have their POS equipment targeted. Open banking will be targeted.

Security 98

Security IoT Phishing Ransomware 98

DLA Piper Privacy Matters

JANUARY 28, 2022

In Europe we saw the UK finally conclude Brexit and establishment of a separate data protection regime in the UK which will be governed by the UK GDPR. 2021 was also the year where ransomware attacks made the headlines with a number of high profie supply chain-focused attacks. Our Tools and Resources. billion (USD1.2 / GBP0.9

GDPR 98

GDPR Privacy Data breaches Personal data 98

IT Governance

DECEMBER 30, 2019

The NHS was criticised for signing a deal with Amazon that allowed patients to access their health information via its Alexa voice assistant – potentially granting the online retail giant access to vast amounts of sensitive personal data. You can find more of July’s incidents in our list of data breaches and cyber attacks in July 2019.

Data breaches 78

Data breaches Personal data GDPR Ransomware 78

KnowBe4

DECEMBER 6, 2022

The users were able to impersonate an infinite number of entities (such as banks, retail companies and government institutions) for financial gain and substantial losses to victims. Ransomware, Ransom-war and Ran-some-where: What We Can Learn When the Hackers Get Hacked. Ransomware strikes organizations almost every two seconds.

Security awareness 85

Security awareness Phishing Risk Insurance 85

The Last Watchdog

SEPTEMBER 20, 2019

Local government agencies remain acutely exposed to being hacked. However, at this moment in history, two particularly worrisome types of cyber attacks are cycling up and hitting local government entities hard: ransomware sieges and election tampering. Ransomware attacks are trendy again,” Weller told me. “If

Ransomware 153

Ransomware Government Retail Security 153

Krebs on Security

DECEMBER 29, 2022

Several strong themes emerged from 2022’s crop of breaches, including the targeting or impersonating of employees to gain access to internal company tools; multiple intrusions at the same victim company; and less-than-forthcoming statements from victim firms about what actually transpired.

Passwords 229

Passwords Ransomware Computer and Electronics Encryption 229

CGI

OCTOBER 24, 2017

In all industry verticals we continue to hear about more companies and government agencies suffering from cyber-related breaches and ransomware attacks. I know of one government agency that contracted out their IT security to the lowest bidder, only to find that the contracting firm couldn’t hire the right talent at those low rates.

Cybersecurity 40

Cybersecurity Retail Marketing Government 40

Security Affairs

NOVEMBER 12, 2019

During a normal monitoring activity, one of the detection tools hits a suspicious email coming from the validtree.com domain. The used infrastructure, by analyzing the dropping urls, looks like an old infrastructure used for propagating Ransomware. TA505 hacking group has been active since 2014 focusing on Retail and banking sectors.

Computer and Electronics 42

Computer and Electronics Ransomware Security Retail 42

Security Affairs

MARCH 3, 2024

Private Plane Owners’ Data Linked to LA Intl. Private Plane Owners’ Data Linked to LA Intl. Private Plane Owners’ Data Linked to LA Intl. Private Plane Owners’ Data Linked to LA Intl. Private Plane Owners’ Data Linked to LA Intl.

Security 107

Security Ransomware Retail Artificial Intelligence 107

ForAllSecure

MAY 17, 2023

Small to Medium Business are, today, the target of APTs and ransomware. MUSIC} VAMOSI: In EP 49, I talked with Huntress, a managed service provider that discovered the ransomware affecting customers of Keysea. And because they were plugged into those clients, they were able to limit the spread of the ransomware.

Insurance 40

Insurance Privacy Ransomware GDPR 40

IT Governance

FEBRUARY 20, 2020

More than 135,000 residents have been affected by the incident, which is believed to have been caused by ransomware. What is ransomware? Ransomware is a specific type of malware that encrypts computer files, essentially locking the owner out of their systems. Unfortunately, there’s no single solution.

Ransomware 95

Ransomware Phishing Retail Insurance 95

ForAllSecure

JANUARY 15, 2021

A network monitoring company for the federal government and other large companies, Solar Winds, had been breached. Ahmadi: Solar Winds is a company that makes you know, networking, monitoring tools for. When I was working for a retail company I thought it was fantastic. Because it's network monitoring tools.

IT 52

IT Manufacturing Government Paper 52

ForAllSecure

JANUARY 15, 2021

A network monitoring company for the federal government and other large companies, Solar Winds, had been breached. Ahmadi: Solar Winds is a company that makes you know, networking, monitoring tools for. When I was working for a retail company I thought it was fantastic. Because it's network monitoring tools.

IT 52

IT Manufacturing Government Paper 52

IT Governance

JANUARY 3, 2024

ru Source (New) Retail Russia Yes 38,694 Richmont Graduate University Source (New) Education USA Yes 37 GB CBIZ KA Source 1 ; source 2 ; source 3 (Update) Healthcare USA Yes 36,295 La Red Health Center Source (New) Healthcare USA Yes 35,602 Kinetic Leasing, Inc. Source (New) Manufacturing USA Yes >400 GB Hafez Insurance Co.

Data Privacy 107

Data Privacy Insurance Manufacturing Retail 107

eSecurity Planet

FEBRUARY 16, 2021

Ransomware. Unlike ransomware, it might be a criminal operation that does not involve the collection of a ransom. User education is one of the most powerful tools for preventing malicious mobile apps. Email is also usually how ransomware works. Since 2008, RAM scraping has been a boon for retailers. Ransomware.

Phishing 105

Phishing Ransomware Passwords Access 105

IT Governance

OCTOBER 31, 2019

A DDoS gang is extorting business posing as Russian government hackers (unknown). Ransomware. Victoria government insists patient data is safe after ransomware attack (unknown). North Florida OB-GYN discloses ransomware incident (528,188). AL-based Sarrell Dental notifies patients of ransomware attack (391,472).

Data breaches 92

Data breaches Ransomware Phishing Retail 92

IT Governance

FEBRUARY 6, 2024

Schneider Electric hit by Cactus ransomware The Sustainability Business division of the energy company Schneider Electric suffered a ransomware attack on 17 January, disrupting the company’s Resource Advisor platform. Data breached: 13,300,000 records.

Data Privacy 88

Data Privacy Privacy Insurance Security 88

IT Governance

MAY 1, 2019

Customers at US fast food retailer Chipotle say their accounts have been hacked (unknown). Ransomware. Genesee County, MI, government suffers ‘aggressive’ ransomware attack (unknown). Ransomware attack affects Women’s Health Care Group of PA (300,000). Ransomware attack hits Garfield County, UT (unknown).

Data breaches 111

Data breaches Personal data Ransomware Phishing 111

Security Affairs

NOVEMBER 29, 2019

While 2017 was the year of WannaCry , NotPetya , and BadRabbit ransomware epidemics, 2018 revealed a lack of preparedness for side-channel attacks and threats related to microprocessor vulnerabilities. Many telecom operators are Managed Service Providers and provide security services to government and commercial organizations.

IT 87

IT Military Cybersecurity Phishing 87

eSecurity Planet

MAY 2, 2024

Fortunately, vendor surveys identify five key cybersecurity threats to watch for in 2024: compromised credentials, attacks on infrastructure, organized and advanced adversaries, ransomware, and uncontrolled devices. 13% maintain access to company tools or resources after leaving the organization.

Cybersecurity 103

Cybersecurity Ransomware Passwords Cloud 103

IT Governance

DECEMBER 19, 2023

8 TB of data exfiltrated from Advantage Group International Following an outage affecting its leak site (see the ‘Enforcement’ section below), the ALPHV/BlackCat ransomware group is listing only a single incident: a data breach affecting the business management consultant Advantage Group International. GB Goa Natural Gas Pvt.Ltd. Wolasky P.A.

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52

IT Governance

APRIL 29, 2024

Source (New) Manufacturing Taiwan Yes 4,715,133 Mustafa Centre Source 1 ; source 2 (Update) Retail Singapore Yes >3,5000,000 TRAXERO Source (New) Software USA Yes 2,634,753 Piping Rock Health Products Source 1 ; source 2 ; source 3 (New) Manufacturing USA Yes 2,103,100 FBCS, Inc.

Data Privacy 94

Data Privacy Privacy Manufacturing Security 94

KnowBe4

MARCH 7, 2023

The most critical affected Ukraine: Several thousand satellite systems that President Volodymyr Zelenskiy's government depended on were all down, making it much tougher for the military and intelligence services to coordinate troop and drone movements in the hours after the invasion." government. Ukrainians paid the price.

Phishing 76

Phishing Ransomware Cybersecurity Security awareness 76

IT Governance

AUGUST 2, 2021

Ransomware. If you find yourself facing a cyber security disaster, IT Governance is here to help. Ransomware. As always, you can find the full list of incidents below, with those affecting UK organisations listed in bold. And don’t forget to subscribe to our Weekly Round-up to receive the latest industry news and advice.

Data breaches 105

Data breaches Ransomware Insurance Personal data 105

eSecurity Planet

OCTOBER 8, 2021

The surge in ransomware attacks in the last year have spurred attempts by government officials to bolster cybersecurity defenses, and those actions advanced on multiple fronts this week. Ransomware Fight Goes Global. Ransomware Fight Goes Global. In an op-ed piece published by CNBC, U.S.

Ransomware 100

Ransomware IoT Government Cybersecurity 100