IT Governance

JULY 1, 2021

Ransomware. Ransomware. discloses ransomware incident (unknown). discloses ransomware incident (unknown). discloses ransomware incident (unknown). Cyber attacks. Data breaches. Financial information. Malicious insiders and miscellaneous incidents. In other news…. Cyber attacks. Find out more.

Data breaches 130

Data breaches Ransomware Computer and Electronics Retail 130

IT Governance

APRIL 1, 2021

We typically expect ambiguity when it comes to ransomware, because organisations are locked out of their files and can’t calculate what’s been affected. Ransomware. Ransomware. The issue is that in far more cases than we’d expect, the number of breached records wasn’t included in the notification, so we can’t include it here.

Data breaches 130

Data breaches Ransomware Manufacturing e-Delivery 130

IT Governance

MAY 7, 2024

At least 191 Australian organisations affected by ZircoDATA ransomware attack The ransomware group BlackBasta listed Australia-based ZircoDATA as a victim in February, allegedly exfiltrating 395 GB of data. Source 1 ; source 2 (Update) Insurance USA Yes 75,101 Airsoftc3.com Data breached: 1,201,000 people’s data.

Data breaches 59

Data breaches Education Manufacturing Retail 59

IT Governance

JANUARY 4, 2021

Ransomware. Ransomware. We’ll have a separate post looking at the year’s data breaches and cyber attacks in more detail, but in the meantime, you can find the full list of December’s incidents below. As usual, incidents affecting UK organisations are in bold. Cyber attacks. Data breaches. Financial information. In other news….

Data breaches 116

Data breaches Ransomware Energy and Utilities Computer and Electronics 116

ForAllSecure

MAY 17, 2023

Small to Medium Business are, today, the target of APTs and ransomware. Chris Gray of Deep Watch talks about the view from the inside of a virtual SOC, the ability to see threats against a large number of SMB organizations, and the changes to cyber insurance we’re seeing as a result. VAMOSI: Cybersecurity insurance.

Insurance 40

Insurance Privacy Ransomware GDPR 40

Hunton Privacy

DECEMBER 15, 2017

Consideration was given to whether the same factors apply in both the privacy and security contexts, the risk of potential injury versus realized injury and when government intervention is warranted. Panelists also suggested looking at what people do rather than what they say about privacy.

Privacy 42

Privacy Retail Risk Insurance 42

IT Governance

MARCH 11, 2024

Source (New) Retail Italy Yes 436,932 Toner-dumping.de Source (New) Retail Germany Yes 334,000 Yakima Valley Radiology, PC Source 1 ; source 2 (New) Healthcare USA Yes 235,249 Consorzio Innovation Source (New) Professional services Italy Yes 225 GB Northeast Orthopaedics & Sports Medicine Source (New) Healthcare USA Yes 177,276 Strike.me

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

IT Governance

APRIL 9, 2024

Other databases contained health insurance data, such as patents’ names, dates of birth, addresses and medical data. EyeCare Services Partners exposes more 3.5 The biggest database in the blob contained 3.1 million patients and 1.6 million unique Social Security numbers. Source (New) Manufacturing USA Yes 1.1

Data Privacy 52

Data Privacy Privacy Security Manufacturing 52

IT Governance

DECEMBER 5, 2023

The company’s description of the incident suggested ransomware. This was confirmed about a fortnight later, in early November, when the ALPHV/BlackCat ransomware group took responsibility for the attack , claiming to have encrypted Henry Schein’s files and exfiltrated 35 TB of data. Data breached: over 300 million records.

Data Privacy 106

Data Privacy Privacy Manufacturing Retail 106

IT Governance

JANUARY 3, 2024

TB exfiltrated Comcast Cable Communications, LLC (Xfinity) Source 1 ; source 2 (New) Telecoms USA Yes 35,879,455 Tecnoquadri Srl Source (New) Manufacturing Italy Yes 33,000,000 Asia Insurance Co.

Data Privacy 107

Data Privacy Insurance Manufacturing Retail 107

IT Governance

APRIL 22, 2024

Cloud, FL Source (Update) Public USA Yes 719,597 Regulator Marine Inc Source (New) Manufacturing USA Yes 630 GB Risas Dental and Braces Source 1 ; source 2 (New) Healthcare USA Yes 618,189 HUB International Source (New) Insurance USA Yes 514,477 Lee University Source 1 ; source 2 (New) Education USA Yes 387.49

Data Privacy 52

Data Privacy Privacy Manufacturing Security 52

IT Governance

DECEMBER 11, 2023

suffers second ransomware attack in months Having been struck by a ransomware attack in October by the BlackSuit group , which led to operations and appointments being postponed, Akumin Inc. has suffered a second attack, this time by the BianLian ransomware group. Source (New) Retail USA Yes 2,469 Three GreatStar Industrial Co.

Data Privacy 101

Data Privacy Energy and Utilities Privacy Manufacturing 101

IT Governance

JANUARY 30, 2024

Source (New) Retail USA Yes 2,588,849 Keenan & Associates Source 1 ; source 2 (Update) Insurance USA Yes 1,509,616 AGC Group Source (New) Manufacturing Japan Yes 1.5 TB Four Hands Source (New) Manufacturing USA Yes 1.5 TB UK forex customers Source (New) Finance UK Yes 1,001,214 A.N.S.

Data Privacy 52

Data Privacy Retail Privacy Manufacturing 52

IT Governance

FEBRUARY 27, 2024

The breached data may include names, Social Security numbers and health insurance information. For some victims, the stolen data also included Social Security numbers and health insurance information. GB Tiete Automobile Source (New) Retail Brazil Yes 68.5 Data breached: 4,662,668 individuals’ data.

Data Privacy 52

Data Privacy Manufacturing Privacy Data breaches 52

IT Governance

JUNE 1, 2023

A month later, a ransomware attack shut down the company’s operations in Italy and China. MCNA Insurance MCNA Insurance, also known as MCNA Dental, was caught up in a cyber hacking incident last week, in which 112 covered entities were affected. PharMerica The US pharmacy network PharMerica began notifying 5.8

Data breaches 122

Data breaches Insurance Personal data Ransomware 122

IT Governance

JANUARY 23, 2024

Known records breached Naz.API (likely belonging to multiple organisations) Source (New) Unknown Unknown Yes 70,840,771 VF Corporation Source 1 ; source 2 (Update) Retail USA Yes 35,500,000 Pastelería Mozart Source (New) Hospitality Chile Yes 10,870,524 Foxsemicon Integrated Technology, Inc. Organisation(s) Sector Location Data breached?

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

The Last Watchdog

SEPTEMBER 20, 2019

However, at this moment in history, two particularly worrisome types of cyber attacks are cycling up and hitting local government entities hard: ransomware sieges and election tampering. population 12,046, paid $460,000, respectively, for ransomware decryption keys. Ransomware attacks are trendy again,” Weller told me. “If

Ransomware 153

Ransomware Government Retail Security 153

IT Governance

FEBRUARY 6, 2024

Schneider Electric hit by Cactus ransomware The Sustainability Business division of the energy company Schneider Electric suffered a ransomware attack on 17 January, disrupting the company’s Resource Advisor platform. Data breached: 13,300,000 records.

Data Privacy 88

Data Privacy Privacy Insurance Security 88

Krebs on Security

DECEMBER 29, 2022

Big Yellow and Avira weren’t the only established brands cashing in on crypto hype as a way to appeal to a broader audience: The venerable electronics retailer RadioShack wasted no time in announcing plans to launch a cryptocurrency exchange. Penchukov was arrested after leaving Ukraine to meet up with his wife in Switzerland.

Passwords 233

Passwords Ransomware Computer and Electronics Encryption 233

IT Governance

JUNE 1, 2021

For the second month in a row, ransomware has dominated our list of data breaches and cyber attacks. Of the 128 publicly disclosed incidents that we discovered in May, more than 40% of them were ransomware attacks. Ransomware. Ransomware. Cyber attacks. Data breaches. Financial information. In other news…. Cyber attacks.

Data breaches 124

Data breaches Ransomware Insurance Energy and Utilities 124

IT Governance

JANUARY 3, 2020

Singapore-based retailer Love, Bonito apologises to customers after malware infection (unknown). Ransomware. Illinois’ Sycamore School District 427 hit by ransomware (3,763). Data centre CyrusOne suffers ransomware attack (unknown). The Southeastern Minnesota Oral & Maxillofacial Surgery discloses ransomware (80,000).

Data breaches 116

Data breaches Ransomware Phishing Government 116

IT Governance

OCTOBER 31, 2019

Ransomware. Victoria government insists patient data is safe after ransomware attack (unknown). North Florida OB-GYN discloses ransomware incident (528,188). AL-based Sarrell Dental notifies patients of ransomware attack (391,472). Philadelphia school district says it paid $38,000 to free network from ransomware (2,515).

Data breaches 92

Data breaches Ransomware Phishing Retail 92

IT Governance

MAY 1, 2019

Blue Cross of Idaho notifies members of privacy breach after thwarting financial fraud (5,600). Customers at US fast food retailer Chipotle say their accounts have been hacked (unknown). Illinois dental insurer notifies members after phishing attack (unknown). Ransomware.

Data breaches 111

Data breaches Personal data Ransomware Phishing 111

IT Governance

APRIL 29, 2024

Source (New) Manufacturing Taiwan Yes 4,715,133 Mustafa Centre Source 1 ; source 2 (Update) Retail Singapore Yes >3,5000,000 TRAXERO Source (New) Software USA Yes 2,634,753 Piping Rock Health Products Source 1 ; source 2 ; source 3 (New) Manufacturing USA Yes 2,103,100 FBCS, Inc.

Data Privacy 94

Data Privacy Privacy Manufacturing Security 94

IT Governance

DECEMBER 19, 2023

8 TB of data exfiltrated from Advantage Group International Following an outage affecting its leak site (see the ‘Enforcement’ section below), the ALPHV/BlackCat ransomware group is listing only a single incident: a data breach affecting the business management consultant Advantage Group International. GB Goa Natural Gas Pvt.Ltd.

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52

eSecurity Planet

MAY 2, 2024

Fortunately, vendor surveys identify five key cybersecurity threats to watch for in 2024: compromised credentials, attacks on infrastructure, organized and advanced adversaries, ransomware, and uncontrolled devices. No specific tool exists to defend specifically against nation state attacks, ransomware gangs, or hacktivists.

Cybersecurity 94

Cybersecurity Ransomware Passwords Cloud 94

IT Governance

AUGUST 2, 2021

Ransomware. Ransomware. As always, you can find the full list of incidents below, with those affecting UK organisations listed in bold. And don’t forget to subscribe to our Weekly Round-up to receive the latest industry news and advice. Cyber attacks. Data breaches. Financial information. Malicious insiders and miscellaneous incidents.

Data breaches 105

Data breaches Ransomware Insurance Personal data 105