stolen
-
Blog
Malicious Rspack, Vant packages published using stolen NPM tokens
Three popular npm packages, @rspack/core, @rspack/cli, and Vant, were compromised through stolen npm account tokens, allowing threat actors to publish malicious versions that installed cryptominers. The supply chain attack, spotted by both Sonatype and Socket researchers, deployed the XMRig cryptocurrency miner on compromised systems for mining the hard-to-trace Monero privacy cryptocurrency. Additionally, Sonatype discovered that all three npm packages fell…
Read More » -
Blog
Health data of 5.6 million stolen in ransomware attack
Ascension, one of the largest private U.S. healthcare systems, is notifying over 5.6 million patients and employees that their personal and health data was stolen in a May cyberattack linked to the Black Basta ransomware operation. The health network reported a total revenue of $28.3 billion in 2023 and operates 140 hospitals and 40 senior care facilities across the United…
Read More » -
Blog
390,000 WordPress accounts stolen from hackers in supply chain attack
A threat actor tracked as MUT-1244 has stolen over 390,000 WordPress credentials in a large-scale, year-long campaign targeting other threat actors using a trojanized WordPress credentials checker. Researchers at Datadog Security Labs, who spotted the attacks, say that SSH private keys and AWS access keys were also stolen from the compromised systems of hundreds of other victims, believed to include…
Read More » -
Blog
Ransomware gang BianLian claims Physicians’ Primary Care of Southwest Florida cyber attack – 1.8TB stolen
This morning, ransomware gang BianLian claimed the recent cyber attack on Physicians’ Primary Care of Southwest Florida. It alleges that 1.8TB of data, including medical data, contracts, IDs, email archives, and accounting data, have been stolen. In its proof pack, BianLian claims the company was notified of the hack in September but did nothing to secure its network for two…
Read More » -
Blog
How to Make Sure Your Packages Don’t Get Stolen
Contact the Retailer. Retailers have different policies on handling package thefts. Some, such as Target, have fine-print clauses saying the risk of loss passes to the buyer when the purchase is delivered to the shipping company. Still, it doesn’t hurt to ask. According to our survey, this is the most common action that victims take, with 58 percent of Americans…
Read More » -
Blog
Florida High School hacked by ransomware gang; SSNs and credit cards stolen
Saint Thomas Aquinas High School in Ft. Lauderdale, FL this week confirmed it notified 37,064 people of a July 2024 data breach that compromised the following personal info: Names Social Security numbers Financial information Bank account numbers Credit and debit card numbers Driver’s license numbers Passport numbers Student ID numbers Medical info Health insurance info Ransomware gang Medusa claimed responsibility…
Read More » -
Blog
Fried chicken chain Bojangles breached; SSNs and medical info stolen by ransomware gang
Fast-food fried chicken chain Bojangles yesterday confirmed it notified more than 33,000 people of a February 2024 data breach that compromised the following info: Names Social Security numbers Government-issued ID numbers, e.g. driver’s license or passport Financial account numbers Credit and debit card numbers Medical info Health insurance info Based on the info listed above, we can infer the data…
Read More » -
Blog
New ransomware gang SafePay claims cyber attack on Microlise – 1.2TB of data stolen
This morning, new ransomware gang SafePay added UK IT company, Microlise, to its data leak site. It alleges to have stolen 1.2TB of data and is threatening to publish it in less than a day if ransom demands aren’t met. This comes after Microlise and its clients (including DHL and Serco) suffered widespread disruption during a cyber attack that occurred…
Read More » -
Blog
Schneider Electric confirms breach after hacker claims to have 40GB of stolen data
Schneider Electric has confirmed it suffered a breach after a hacker claimed to have stolen data from the firm’s Jira server. In a statement provided to ITPro, the firm said it was currently looking into an intrusion on one of its project management platforms. “Schneider Electric is investigating a cybersecurity incident involving unauthorized access to one of our internal project…
Read More » -
Blog
UnitedHealth says data of 100 million stolen in Change Healthcare breach
UnitedHealth has confirmed for the first time that over 100 million people had their personal information and healthcare data stolen in the Change Healthcare ransomware attack, marking this as the largest healthcare data breach in recent years. In May, UnitedHealth CEO Andrew Witty warned during a congressional hearing that “maybe a third” of all American’s health data was exposed in…
Read More »