Attacks

A cyber attack against document transfer app MOVEit has resulted in data breaches of several high-profile UK organizations and businesses. Those affected includes the British Broadcasting Company (BBC), health and beauty retailer Boots and UK-based airline British Airways.  The attack involved the exploitation of a critical vulnerability in MOVEit’s infrastructure which allows malicious actors to break into company networks and steal data. The vulnerability was flagged by security researchers and the US government on June…

RomCom ransomware is being spread via poisoned Google adverts for legitimate software companies including Chat-GPT, PDF Reader Pro and Devolutions’ Remote Desktop Manager. According to researchers at IT security company Trend Micro, malicious actors are using Google advertisements for trusted companies to entice people into clicking on the advert and downloading RomCom ransomware onto their devices. The malicious actors are doing this through the use of fake sites set up to look like legitimate ones…

Catholic health system and nonprofit hospital chain CommonSpirit Health has said that a ransomware attack it suffered in October 2022 cost the company US$160 million. Ransomware attacks against healthcare companies are becoming all too common, with one in 42 healthcare organizations worldwide being the victim of ransomware attacks in the final quarter of 2022. With the average cost of a ransomware attack in the US reaching $9.44mn in 2022, the impact of these cyber attacks…

American dental insurer, MCNA Dental, has suffered a ransomware-related data breach that has exposed the data of more than 8.9 million patients. In a notice published to its website on May 26, MCNA Dental said that it became aware of malicious actors gaining unauthorized access to its systems on March 6. An investigation into the data breach revealed that malicious actors had been accessing MCNA Dental’s network since February 26. During the malware attack and…

More than 470,000 members of dark web hacking site RaidForums have had their data leaked by Exposed, another hacking forum. Members of the forums would put the various data stolen during data breaches on the site, where it could be purchased by other members for use in other malicious activities, including phishing and social engineering campaigns and even identity theft. In April 2022, the site shut down after its infrastructure and website were seized during…

Car manufacturer Tesla’s CEO, Elon Musk, may have had his social security number leaked in a data breach that saw 100GB of confidential information accessed. The Dutch data protection watchdog, Autoriteit Persoonsgegevens (DPA), has said that Tesla may have failed to protect confidential data from employees, customers and business partners. According to news publication Reuters, Tesla has been accused of failing to protect employee, customer and business partner data after 100GB of confidential information was…