Date: 1 March 2023
Here's the ultimate list of all the cyber attacks, data breaches and ransomware attacks that made it to the news in February 2023.
The second month of the year has clearly been no different from the first. Organisations have been bleeding data as cyber attacks, ransomware attacks and new malware just don't stop. Airlines, airports, healthcare organisations, grocery chains, food manufacturers, oil producers almost every industry seems to have been affected in the month gone by.
What is the solution to beat these advanced and persistent attackers? Is there a way to mitigate threats and/or control the damage?
Unfortunately, in all likelihood you can and will be attacked at some point or the other in your organisational lifetime. The best strategy is to focus on improving your cybersecurity posture and keep your incident response plans and processes up to date and relevant.
Need help in evaluating your business's breach readiness and strengthening your cybersecurity posture without blowing your budget? Choose our convenient and cost-effective Virtual Cyber Assistant service. Our virtual cybersecurity experts can help you conduct risk assessments and crisis tabletop exercises to help you see where your organisation actually stands today. They can then help you work on your strengths and plug the gaps.
For a clearer picture of why you must make cybersecurity your top priority immediately, take a look at the below lists of the biggest cyber attacks, ransomware attacks and data breaches in February 2023.
- Ransomware Attacks in February 2023
- Data Breaches in February 2023
- Cyber-Attacks in February 2023
- New Ransomware/Malware Detected in February 2023
- Vulnerabilities/Patches
- Advisories issued, reports, analysis etc. in February 2023
Ransomware Attacks in February 2023
|
Date |
Victim |
Summary |
Threat Actor |
Business Impact |
Source Link |
|
February 01, 2023 |
City of London traders hit by Russia-linked cyber attack. |
LockBit ransomware |
Ion said 42 clients have been affected by the attack as it faces disruption in its cleared derivatives division. |
||
|
February 03, 2023 |
Chip equipment maker MKS Instruments suffers a ransomware attack. |
Unknown |
The attack affected the company's production-related systems as MKS said it would temporarily suspend operations at some of its facilities, as part of its containment efforts. |
||
|
February 06, 2023 |
LockBit ransomware gang claims responsibility for Royal Mail cyber attack. |
LockBit ransomware |
The cyber attack forced the company to halt its international shipping services due to “severe service disruption”. |
||
|
February 06. 2023 |
Lehigh Valley Health Network says it was the target of Russian ransomware gang BlackCat. |
BlackCat Ransomware |
Based on Lehigh Valley Healthcare’s initial analysis, the attack was on the network supporting one physician practice located in Lackawanna County. It said, however, that the attack has not disrupted LVHN’s operations. |
||
|
February 07, 2020 |
Drug distributor AmerisourceBergen confirms security breach. |
Lorenz Ransomware |
AmerisourceBergen’s internal investigation quickly identified that a subsidiary’s IT system was compromised as the threat actors began leaking stolen data. |
||
|
February 08, 2023 |
Canadian bookstore Indigo |
Largest Canadian bookstore Indigo shuts down site after ransomware attack |
Unknown |
The Indigo bookstore cyber attack forced the company to make the website unavailable to customers and to only accept cash payments. The ransomware attack compromised the data of current and former employees. |
Canadian bookstore Indigo cyber attack Some Indigo bookstore employee data was stolen in the ransomware attack |
|
February 08, 2020 |
Águas e Energia do Porto (Water utility in Porto, Portugal) |
LockBit gang takes credit for attack on water utility in Portugal. |
LockBit Ransomware |
The LockBit Ransomware gang stole information and gave the utility until March 7 to pay a ransom, threatening to publish stolen information from Águas e Energia do Porto systems if the deadline passed without payment. |
|
|
February 09, 2023 |
A10 Networks confirms data breach after Play Ransomware attack. |
Play Ransomware |
Play ransomware gang managed to gain access to shared drives, deployed malware, and 'compromised' data related to human resources, finance, and legal functions and threatened to leak the files it stole during the intrusion. |
||
|
February 10, 2023 |
City of Oakland systems offline after ransomware attack |
Unknown |
The ransomware attack forced the City of Oakland to take all systems offline until the network is secured and affected services are brought back online. |
||
|
February 12, 2023 |
DarkBit ransomware hits Technion university to protest tech layoffs and Israel. |
DarkBit ransomware |
The ransomware group encrypted university data and demanded 80 BTC to release the decryptor. |
||
|
February 16, 2023 |
Semiconductor industry giant Applied Material says ransomware attack on supplier will cost it $250 million. |
Unknown |
Applied Materials Chief Executive Officer Gary Dickerson said, “very recently, one of our major suppliers (apparently MKS Instruments) encountered a disruption that will impact our second-quarter shipments and this impact would cost it $250 million in the next quarter.” |
||
|
February 17, 2023 |
U.S. Marshals Service |
U.S. Marshals Service investigating ransomware attack, data theft |
Unknown |
The affected system contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees. |
|
|
February 22, 2023 |
Fruit giant Dole disclosed a ransomware attack impacting operations. |
Unknown |
Dole halted its shipments to grocery stores as the ransomware attack forced it to shut down operations of its production plants in North America. |
||
|
February 22, 2023 |
Ohio’s largest oil producer claims ‘no impact’ seen after cyberattack. |
ALPHV Ransomware group |
The ransomware group posted 400 GB of stolen data on its leak site. |
Ohio’s largest oil producer Encino Energy ransomware attack |
|
|
February 27, 2023 |
Los Angeles school district |
Los Angeles school district confirms sensitive student data leaked. |
Vice Society Ransomware group |
Health records and psychological assessments of about 2,000 students, including 60 current students, were exposed by last year’s ransomware attack. |
|
|
February 28, 2023 |
Dish Network |
Dish Network confirms ransomware attack behind multi-day outage. |
Black Basta ransomware (Apparently) |
The Corporation became aware that certain data was extracted from the Corporation’s IT systems as part of this incident and it is possible the investigation will reveal that the extracted data includes personal information. |
Here are some FREE resources created by our cybersecurity experts to help you prepare for dealing with ransomware attacks and mitigating the damage they can cause:
Data Breaches in February 2023
|
Date |
Victim |
Summary |
Threat Actor |
Business Impact |
Source Link |
|
February 03, 2023 |
PeopleConnect, the owners of the TruthFinder and Instant Checkmate |
TruthFinder, Instant Checkmate confirm data breach affecting 20 million customers. |
A hacker who calls himself GOD |
The stolen data was shared as two 2.9 GB CSV files containing only customer information of 20.22 million TruthFinder and Instant Checkmate customers before the backup was created on April 16th, 2019. |
|
|
February 05, 2023 |
Coinbase cyber attack targeted employees with fake SMS alert. |
Unknown |
The threat actor stole the login credentials of one of its employees in an attempt to gain remote access to the company's systems and obtained some contact information belonging to multiple Coinbase employees. |
||
|
February 06, 2023 |
Weee! grocery service confirms data breach; 1.1 million affected. |
A hacker who calls himself GOD |
The breach exposed the personal information of 1.1 million customers. |
||
|
February 06, 2023 |
A Birmingham-based medical practice, Cardiovascular Associates (CVA) |
Birmingham medical practice informs patients of security breach. |
Unknown |
After an investigation, it was determined that a third party had gained access to personal information and removed a copy of some data between November 28 and December 5. |
|
|
February 07, 2023 |
Researcher breaches Toyota supplier portal with info on 14,000 partners. |
A security researcher |
Toyota's Global Supplier Preparation Information Management System (GSPIMS) was breached by a security researcher who discovered a "backdoor" in Toyota's system that allowed anyone to access an existing user account as long as they knew their email. |
||
|
February 10, 2023 |
California medical groups; Regal Medical Group, Lakeside Medical Organization, ADOC Medical Group, and Greater Covina Medical |
California medical group data breach impacts 3.3 million patients. |
Unknown |
Sensitive data of 3,300,638 patients was exposed in the attack. |
|
|
February 10, 2023 |
Clop ransomware claims it breached 130 organisations using GoAnywhere zero-day. |
Clop ransomware |
The Clop ransomware gang claimed to be behind recent attacks that exploited a zero-day vulnerability CVE-2023-0669 in the GoAnywhere MFT secure file transfer tool, saying they stole data from over 130 organisations. |
||
|
February 12, 2023 |
NameCheap's email hacked to send MetaMask, DHL phishing emails. |
Unknown |
NameCheap had their email account breached Sunday night, causing a flood of MetaMask and DHL phishing emails that attempted to steal recipients' personal information and cryptocurrency wallets. |
||
|
February 15, 2023 |
Atlassian’s third party vendor Envoy |
Atlassian data leak caused by stolen employee credentials. |
A hacking group known as SiegedSec |
The threat actors used stolen employee credentials to steal data from Atlassian’s third-party vendor. The hackers said: "We are leaking thousands of employee records as well as a few building floor plans. These employee records contain email addresses, phone numbers, names, and lots more~!." |
|
|
February 15, 2023 |
Pepsi Bottling Ventures |
Pepsi Bottling Ventures suffers data breach after malware attack. |
Unknown |
Hackers accessed the internal IT systems of Pepsi, installed malware, and downloaded certain information contained on the accessed IT systems. |
|
|
February 16, 2023 |
GoDaddy says its source code was stolen and malware installed in breach. |
Unknown |
GoDaddy revealed that an unauthorised party gained access to its servers and installed malware, causing the intermittent redirection of customer websites. |
||
|
February 17, 2023 |
Data leak hits thousands of NHS workers. |
Human Error |
A file containing sensitive payroll information of 14,000 employees was mistakenly sent to hundreds of NHS managers and 24 external accounts. |
||
|
February 19, 2023 |
The International Center of Photography Museum |
The International Center of Photography Museum in New York City has allegedly been breached by the Medusa Team. |
Medusa Team |
Hackers hit IT systems of The International Center of Photography Museum. |
|
|
February 20, 2023 |
Hackers leak stolen data of about 31 million users of an Indian Ticketing Platform, RailYatri. |
Name unknown. Data leaked on forum, Unit86/V.I.P |
The 12 GB worth of leaked data includes email addresses, full names, genders, phone numbers, locations and 37,000 invoices which could put millions of users at risk of identity theft, phishing attacks, and other cyber crimes. |
||
|
February 21, 2023 |
Game maker, Activision |
Activision data breach exposes employee and game information. |
A hacker who calls himself GOD |
The threat actor "exfiltrated sensitive workplace documents" along with the content release schedule until November 17, 2023 and now on February 27, 2023, threat actors have posted leaked data that consists of 19,444 unique records containing full names, phone numbers, job titles, locations, and email addresses of alleged Activision employees. |
|
|
February 21, 2023 |
TELUS investigates leak of stolen source code, employee data. |
Hacker name unknown. Data leaked on forum called Seize/VIP |
The threat actor posted screenshots that apparently show private source code repositories and payroll records held by TELUS. |
||
|
February 21, 2023 |
FNB home loan |
FNB home loan applicants' personal info exposed in app data breach. |
Unknown |
First National Bank’s (FNB’s) mobile app has exposed personal information of customers applying for home loans using the digital platform. |
|
|
February 22, 2023 |
UB Box Office’s third-party vendor AudienceView |
UB Box Office’s third-party vendor reports data breach. |
Unknown |
The data breach may have jeopardised the personal information of 292 customers. |
|
|
February 23, 2023 |
The Good Guys customers' personal data stolen in cyber attack on third-party supplier. |
Unknown |
The Good Guys has revealed some of its customers' personal data has been stolen as the supplier held contact details of Concierge members, including names, addresses, phone numbers and email addresses, as well as encrypted passwords and dates of birth of some members. |
||
|
February 24, 2023 |
Stanford University discloses data breach affecting PhD applicants. |
Unknown |
The exposed information contains PhD applications and accompanying materials, including names, dates of birth, home and mailing addresses, phone numbers, email addresses, race and ethnicity, citizenship, and gender of the applicants. |
Cyber Attacks in February 2023
|
Date |
Victim |
Summary |
Threat Actor |
Business Impact |
Source Link |
|
February 02, 2023 |
Super Bock says 'cyber' nasty 'disrupting computer services'. |
Unknown |
The cyber attack that hit Super Bock's tech infrastructure caused disruption to computer services, with constraints on regular operation, particularly at the service level. |
||
|
February 03, 2023 |
Tallahassee Memorial HealthCare (TMH) |
Florida hospital takes IT systems offline after cyber attack. |
Unknown |
The cyber attack forced Tallahassee Memorial HealthCare (TMH) to take its IT systems offline and to suspend non-emergency procedures. The hospital also had to divert emergency patients to other hospitals. |
|
|
February 03, 2023 |
Bermuda Power Supplier BELCO |
Bermuda hit by widespread internet outage amid power cut. |
Unknown |
The cyber attack impacted the island's internet and phone service availability. |
|
|
February 06, 2023 |
Häfele IT systems down after cyber attack. |
Unknown |
The company shut down its computer systems and disconnected them from the internet. |
||
|
February 06, 2023 |
UK metal engineering firm Vesuvius hit by cyber attack. |
Unknown |
Due to the cyber attack, Vesuvius shut down its IT systems. |
||
|
February 07, 2023 |
Blue Star detects cyber attack at certain locations, but says no impact on operations. |
Unknown |
Blue Star claims it has not found any material impact on the operations of the company. |
||
|
February 14, 2023 |
Aker Solutions’ Brazilian subsidiary |
Aker Solutions’ Brazilian arm becomes victim of a cyber attack. |
Unknown |
The cyber attack impacted IT systems of Aker Solutions’ Brazilian subsidiary. |
|
|
February 15, 2023 |
Lufthansa IT meltdown leaves thousands of passengers stranded. |
Lufthansa said the outage was caused by a damage in the fibre optic cable bundle of Deutsche Telekom but the Pro-Russian group Killnet claimed responsibility for the incident. |
More than 200 flights were cancelled at Frankfurt airport and more than 100 flights were delayed. |
||
|
February 15, 2023 |
Scandinavian Airlines hit by cyber attack; ‘Anonymous Sudan’ claims responsibility. |
Anonymous Sudan |
A cyber attack on Scandinavian Airlines (SAS) knocked its website offline and exposed some customer data. |
||
|
February 16, 2023 |
Burton Snowboards cancels online orders after 'cyber incident'. |
Unknown |
Burton Snowboards, a leading snowboard manufacturing company, has cancelled all online orders following what it describes as a cyber incident. |
||
|
February 16, 2023 |
German airports |
German airports hit by DDoS attack; ‘Anonymous Russia’ claims responsibility. |
Anonymous Russia |
The websites of seven airports were hit by a suspected cyber attack. Victim airports included Dusseldorf, Nuremberg, Erfurt-Weimar and Dortmund. |
|
|
February 16, 2023 |
DeFi platform Platypus says nearly $9 million in crypto stolen in flash loan attack. |
Unknown |
Almost $9 million lost in cryptocurrency. |
||
|
February 27, 2023 |
LastPass |
LastPass Says DevOps Engineer Home Computer Hacked. |
Unknown |
LastPass DevOp engineer’s home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud storage resources. |
New Ransomware/Malware Discovered in February 2023
|
New Ransomware |
Summary |
Source Link |
|
New Nevada Ransomware |
Nevada tried to grow its capabilities quickly as security researchers noticed improved functionality for the locker targeting Windows and VMware ESXi systems. |
New Nevada Ransomware targets Windows and VMware ESXi systems |
|
Honkai (Paradise) Ransomware |
Honkai (Paradise) Ransomware; Extension: .honkai (also appends victim's ID and developers' email); Ransom note: #DECRYPT MY FILES#.html |
|
|
Sunjn Ransomware |
Sunjn Ransomware; VoidCrypt ransomware family; Extension: .sunjn (also appends victim's ID and developers' email address); Ransom note: Dectryption-guide.txt |
|
|
DODO Ransomware |
DODO Ransomware; Extension: .dodov2; Ransom note: dodov2_readit.txt |
|
|
MortalKombat Ransomware |
New ‘MortalKombat’ ransomware targets systems in the U.S. |
|
|
'Beep' malware |
New stealthy 'Beep' malware focuses heavily on evading detection |
|
|
Medusa (New Version) |
A new version of the Medusa DDoS (distributed denial of service) botnet, based on Mirai code, has appeared in the wild |
Medusa botnet returns as a Mirai-based variant with ransomware sting |
|
Adrianov Ransomware; Based on Chaos ransomware; |
Extension: .1iyT6bav7VyWM5; Ransom notes: adrianov.txt and desktop wallpaper |
|
|
Stop/Djvu Ransomware (v0643) |
Stop Ransomware (v0643); Extension: .vvmm; Ransom note: _readme.txt |
|
|
Stop/Djvu Ransomware (v0645) |
Stop Ransomware (v0645); Extension: .vvoo; Ransom note: _readme.txt |
|
|
Mirai malware |
New Mirai malware variant infects Linux devices to build DDoS botnet |
|
|
Frebniis Malware |
Frebniis Malware Exploits Microsoft IIS Feature |
|
|
WhiskerSpy malware |
New WhiskerSpy malware delivered via trojanized codec installer |
|
|
Stealc malware |
New Stealc malware emerges with a wide set of stealing capabilities |
Vulnerabilities/Patches Discovered in February 2023
|
Date |
Flaws/Fixes |
Summary |
Source Link |
|
February 3, 2023 |
CVE-2023-0669 |
GoAnywhere warned customers of zero-day remote code execution vulnerability on exposed administrator consoles. |
GoAnywhere MFT zero-day vulnerability lets hackers breach servers |
|
February 6, 2023 |
CNVD-2022-10270 / CNVD-2022-03672 RCE vulnerabilities in Sunlogin v11.0.0.33 and earlier |
A new hacking campaign exploited Sunlogin flaws to deploy the Sliver post-exploitation toolkit and launch Windows Bring Your Own Vulnerable Driver (BYOVD) attacks to disable security software. |
Hackers backdoor Windows devices in Sliver and BYOVD attacks |
|
February 13, 2023 |
The zero-day patched is tracked as CVE-2023-23529 |
Apple releases emergency security updates to address a new zero-day vulnerability used in attacks to hack iPhones, iPads, and Macs. |
Apple fixes new WebKit zero-day exploited to hack iPhones, Macs |
|
February 16, 2023 |
CVE-2021-34473 and CVE-2021-34523 |
A new malware dubbed 'ProxyShellMiner' exploits the Microsoft Exchange ProxyShell vulnerabilities to deploy cryptocurrency miners throughout a Windows domain to generate profit for the attackers. |
Microsoft Exchange ProxyShell flaws exploited in new crypto-mining attack |
|
February 16, 2023 |
RCE (CVE-2023-21823) and escalate privileges (CVE-2023-23376), (CVE-2023-21715) can be exploited to bypass Microsoft Office macro policies, a WebKit type confusion issue (CVE-2023-23529) |
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four security vulnerabilities exploited in attacks as zero-day to its list of bugs known to be abused in the wild. |
|
|
February 17, 2023 |
CVE-2022-39952 and CVE-2021-42756 |
Cybersecurity solutions company Fortinet has released security updates for its FortiNAC and FortiWeb products, addressing two critical-severity vulnerabilities that may allow unauthenticated attackers to perform arbitrary code or command execution. |
|
|
February 21, 2023 |
CVE-2022-39952 |
Security researchers have released a proof-of-concept exploit for a critical-severity vulnerability in Fortinet's FortiNAC network access control suite. |
|
|
February 23, 2023 |
CVE-2022-47986 |
The IBM Aspera Faspex file transfer tool used by dozens of large organisations and businesses has a serious bug that malicious hackers are actively exploiting. |
Popular IBM file transfer tool vulnerable to cyberattacks, CISA says |
|
February 27, 2023 |
CVE-2023-26540 |
Hackers exploit two critical-severity vulnerabilities in the Houzez theme and plugin for WordPress, two premium add-ons used primarily in real estate websites. |
Critical flaws in WordPress Houzez theme exploited to hijack websites |
Warnings/Advisories/Reports/Analysis
|
News |
Summary |
Source Link |
|
Report |
Arnold Clark, Europe's largest independent car retailer, notified some customers that their personal information was stolen in a December 23 cyber attack claimed by Play Ransomware group. |
Arnold Clark customer data stolen in attack claimed by Play ransomware |
|
Report |
The ASEC analysis team recently discovered the distribution of the TZW ransomware, which encrypts files before adding the “TZW” file extension to the original extension. |
|
|
Report |
Schools in Tucson, Arizona, and Nantucket, Massachusetts, are dealing with cyber attacks as U.S. schools continue to face a barrage of threats in the first weeks of 2023. |
|
|
Report |
A critical new vulnerability disclosed by network-attached storage (NAS) vendor QNAP could be exploited on almost 30,000 devices globally. |
|
|
Report |
More than 10,000 employees, students and former staff have now been affected by the major cyber attack on one of Queensland's largest tertiary institutions. |
More than 11,000 employees, students and former staff affected by cyber attack, QUT says |
|
Report |
A senior councillor has been accused of creating an online voting system that could have potentially allowed members' votes on budget cuts to be tracked. |
Pembrokeshire: Top councillor accused of possible data breach |
|
Report |
Royal Ransomware is the latest ransomware operation to add support for encrypting Linux devices to its most recent malware variants, specifically targeting VMware ESXi virtual machines. |
Linux version of Royal Ransomware targets VMware ESXi servers |
|
Report |
Russian citizen Denis Mihaqlovic Dubnikov pleaded guilty on Tuesday to laundering money for the notorious Ryuk ransomware group for over three years. |
Russian man pleads guilty to laundering Ryuk ransomware money |
|
Report |
Eurostar rail forced its customers to reset their account passwords but customers failed to reset due to technical error in the given link. |
Eurostar forces 'password resets' but faced with a technical error |
|
Report |
Scammers are now exploiting the ongoing humanitarian crisis in Turkey and Syria: this time stealing donations by abusing legitimate platforms like PayPal and Twitter. |
|
|
Report |
DDoS attacks affected connectivity and performance of Tor and I2P networks. |
|
|
Analysis |
Online stores expose private backups in public folders, including internal account passwords, which can be leveraged to take over the e-commerce sites and extort owners. |
Over 12% of analysed online stores expose private data, backups |
|
Report |
Cloudflare blocked what it describes as the largest volumetric distributed denial-of-service (DDoS) attack to date. |
Cloudflare blocks record-breaking 71 million RPS DDoS attack |
|
Report |
Five malicious packages found on the Python Package Index (PyPI), stealing passwords, Discord authentication cookies, and cryptocurrency wallets from unsuspecting developers. |
Devs targeted by W4SP Stealer malware in malicious PyPi packages |
|
Report |
The US Cybersecurity and Infrastructure Security Agency (CISA) has released a script to recover VMware ESXi servers encrypted by the recent widespread ESXiArgs ransomware attacks. |
CISA releases recovery script for ESXiArgs ransomware victims |
|
Report |
The Dutch police announced on Friday that they dismantled the Exclu encrypted communications platform after hacking into the service to monitor the activities of criminal organisations. |
Police hacked Exclu 'secure' message platform to snoop on criminals |
|
Report |
Microsoft found an ongoing outage affecting the company's Outlook webmail service as users reported issues while sending, receiving, or searching email through Outlook.com. |
Microsoft Outlook outage prevents users from sending, receiving emails |
|
Report |
HSE has issued over 32,000 notification letters to people who had their data stolen in the cyber attack on the Health Service Executive (HSE) and the costs associated with the cyber attack could rise to €500m. |
|
|
Report |
According to reports from an increasing number of Microsoft customers, Outlook inboxes have been flooded with spam emails because email spam filters are currently broken. |
Microsoft Outlook flooded with spam due to broken email filters |
|
Report |
The U.S. Federal Bureau of Investigation (FBI) is reportedly investigating malicious cyber activity on the agency’s network. |
FBI is investigating a cybersecurity incident on its network |
|
Report |
Norwegian police (Økokrim) have seized 60 million kroner ($5,800,000) worth of cryptocurrency stolen by the North Korean Lazarus hacking group last year from Axie Infinity's Ronin Bridge. |
Norwegian police recover $5.8M crypto from massive Axie Infinity hack |
|
Report |
Cybersecurity company Group-IB has revealed it successfully detected and blocked an email carrying a malicious attachment by Tonto Team in June 2022. |
|
|
Report |
New vulnerability reporting frameworks are now in place in Belgium, to give cybersecurity researchers a way to legally report software and hardware bugs to organisations and the government. |
Belgium institutes nationwide vulnerability disclosure policy |
|
Report |
Over 1.6 million cyber attacks were blocked on 114 Indian insurance companies every day in January. |
Over 1.6 m cyber attacks blocked on Indian insurance firms a day in Jan |
|
Report |
One of the largest commercial DNA testing companies in the world agreed to pay a $400,000 fine to Ohio and Pennsylvania after a 2021 data breach compromised the information of more than 2 million people. |
DNA Diagnostics Center to pay $400,000 fine for 2021 data breach |
|
Report |
In an episode that underscores the vulnerability of global computer networks, hackers got a hold of login credentials for data centres in Asia used by some of the world’s biggest businesses, a potential bonanza for spying or sabotage. |
Hackers Scored Data Center Logins for Some of the World's Biggest Companies |
|
Report |
Ireland's child and family agency, Tusla, says it is beginning a months-long process to notify 20,000 individuals that their personal information was exposed in the May 2021 ransomware attack against the Health Service Executive. |
Ireland Set to Notify 20,000 More Health Data Breach Victims |
|
Report |
A threat actor has been targeting government entities with the PureCrypter malware downloader that has been seen delivering multiple information stealers and ransomware strains. |
PureCrypter malware hits govt orgs with ransomware, info-stealers |
|
Report |
According to BleepingComputer, Mass media and publishing giant News Corporation (News Corp) says that attackers behind a breach disclosed in 2022 first gained access to its systems two years before, in February 2020. |
News Corp says state hackers were on its network for two years |
|
Report |
Australia's federal government will overhaul a $1.7 billion cyber security plan set up under Scott Morrison in the aftermath of the hacks of Optus and Medibank. |
Federal government to rewrite cyber laws after Optus, Medibank hacks |
|
Report |
The Australian government said it planned to overhaul its cyber security rules and set up an agency to oversee government investment in the field and help coordinate responses to hacker attacks. |
Australia plans to reform cyber security rules, set up agency |
|
Report |
Letters are being mailed to the last known permanent address of 2,158 users whose personally identifiable information was involved in a data breach of the Physician Assistant Portal at Commonwealth University-Lock Haven in January 2023. |
Commonwealth University notifies 2,158 PA portal users affected by data breach |
|
Report |
Microsoft has addressed a known issue behind unsupported computers being offered Windows 11 22H2 upgrades and unable to complete the installation process. |
Microsoft fixes bug offering Windows 11 upgrades to unsupported PCs |
