breached
-
Blog
Malware campaign ‘DollyWay’ breached 20,000 WordPress sites
A malware operation dubbed ‘DollyWay’ has been underway since 2016, compromising over 20,000 WordPress sites globally to redirect users to malicious sites. The campaign has evolved significantly in the past eight years, leveraging advanced evasion, re-infection, and monetization strategies. According to GoDaddy researcher Denis Sinegubko, DollyWay has been functioning as a large-scale scam redirection system in its latest version (v3). However, in…
Read More » -
Blog
Ransomware gang says it breached Wisconsin ambulance company
Ransomware group Medusa today claimed responsibility for a February 2025 cyber attack on Bell Ambulance. Bell Ambulance on February 13, 2025 sent a message to employees that said the company was “working to restore IT systems after a cybersecurity event.” “Unfortunately this disruption is greatly impacting your ability to perform your job functions,” says the message, which local reporter Dan…
Read More » -
Blog
Belgium probes if Chinese hackers breached its intelligence service
The Belgian federal prosecutor’s office is investigating whether Chinese hackers were behind a breach of the country’s State Security Service (VSSE). Chinese state-backed attackers reportedly gained access to VSSE’s external email server between 2021 and May 2023, siphoning around 10% of all emails sent and received by the agency’s staff. The compromised server was only used for exchanging emails with…
Read More » -
Blog
Another ransomware gang says it breached IT giant Conduent
Ransomware gang SafePay today claimed responsibility for a January 2025 cyber attack against IT giant Conduent. Conduent suffered an outage at the time that it confirmed on January 22 was the result of a cyber security incident. The outage disrupted electronic money transfers and EBT payments made by its clients, which include half of Fortune 100 companies, for two days.…
Read More » -
Blog
Ghost ransomware breached orgs in 70 countries
CISA and the FBI said attackers deploying Ghost ransomware have breached victims from multiple industry sectors across over 70 countries, including critical infrastructure organizations. Other industries impacted include healthcare, government, education, technology, manufacturing, and numerous small and medium-sized businesses. “Beginning early 2021, Ghost actors began attacking victims whose internet facing services ran outdated versions of software and firmware,” CISA, the…
Read More » -
Blog
Ransomware gang says it breached patient health and payment data at Michigan clinic
Ransomware gang BianLian today claimed responsibility for a November 2024 data breach at St. Clair Orthopaedics and Sports Medicine, which operates a pair of clinics north of Detroit, Michigan. St. Clair notified an undisclosed number of patients that the following data was compromised in the breach: Health insurance data including health plans and policies, insurance companies, member and group ID…
Read More » -
Blog
Florida real estate developer breached by ransomware, SSNs compromised
Florida real estate developer Stock Development this week confirmed it suffered a data breach in 2023 and 2024 that compromised names, Social Security numbers, driver’s license numbers, contact info, and bank account info. Stock says it discovered the breach in March 2024, but that attackers first infiltrated its systems back in April 2023. “On March 2, 2024, we became aware…
Read More » -
Blog
America’s biggest chain of opioid treatment centers hacked by ransomware gang, SSNs and treatment info breached
BayMark Health Services this week confirmed it notified an undisclosed number of patients about a September 2024 data breach that compromised the following info: Names Social Security numbers Driver’s license numbers Dates of birth Services received Dates of service Insurance info Treatment provider Treatments Diagnostic info BayMark operates hundreds of opioid treatment clinics and programs across the US and Canada.…
Read More » -
Blog
Treasury hackers also breached US foreign investments review office
Silk Typhoon Chinese state-backed hackers have reportedly breached a Treasury Department office that reviews foreign investments for national security risks. CNN reported on Friday, citing U.S. officials familiar with the matter, that the attackers gained access to the Committee on Foreign Investment in the United States (CFIUS) systems. The CFIUS is a government office and interagency committee authorized to review foreign investment…
Read More » -
Blog
Chinese hackers also breached Charter and Windstream networks
More U.S. companies have been added to the list of telecommunications firms hacked in a wave of breaches by a Chinese state-backed threat group tracked as Salt Typhoon. This comes after AT&T, Verizon, and Lumen confirmed on December 30 that they have evicted the hackers from their networks. After breaching their networks, the Salt Typhoon hackers gained access to targeted…
Read More »