Category: Cyber-Crime

The Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) has announced that a “cyber incident” forced it to take its corporate systems offline as a precaution. FINTRAC is a government agency in Canada that operates as the country’s financial intelligence unit. It is engaged in money laundering investigations, tracking millions of suspicious transactions annually and making thousands of disclosures…

  In 2023, the Department of Defense announced an ambitious plan to launch 1,000 satellites over the next decade. Over the same period, the National Reconnaissance Office, which runs the country’s spy satellites, plans to quadruple the size of its fleet of a couple dozen satellites.   The U.S. government can expand its fleet this quickly because satellites have become…

Blackbaud has settled with the Federal Trade Commission after being charged with poor security and reckless data retention practices, leading to a May 2020 ransomware attack and a data breach affecting millions of people. Blackbaud is a U.S.-based company listed on NASDAQ with operations in multiple countries and a provider of cloud-based donor data management software catering to nonprofit organizations,…

Genetic testing company 23andMe announced on Friday that hackers accessed around 14,000 customer accounts in the company’s recent data breach. In a new filing with the U.S. Securities and Exchange Commission published Friday, the company said that, based on its investigation into the incident, it had determined that hackers had accessed 0.1% of its customer base. According to the company’s most recent…

Kentucky health system Norton Healthcare has confirmed that a ransomware attack in May exposed personal information belonging to patients, employees, and dependents. Norton Healthcare serves adult and pediatric patients in more than 40 clinics and hospitals across Greater Louisville, Southern Indiana, and the Commonwealth of Kentucky. With over 20,000 employees, more than 1,750 employed medical providers, and over 3,000 total…

As Genetic testing provider 23andMe faces multiple lawsuits for an October credential stuffing attack that led to the theft of customer data, the company has modified its Terms of Use to make it harder to sue the company. In October, a threat actor attempted to sell 23andMe customer data and, after failing to do so, leaked the data for 1 million…

CISA (Cybersecurity & Infrastructure Security Agency) is warning that threat actors breached a U.S. water facility by hacking into Unitronics programmable logic controllers (PLCs) exposed online. PLCs are crucial control and management devices in industrial settings, and hackers compromising them could have severe repercussions, such as water supply contamination through manipulating the device to alter chemical dosing. Other risks include service…

The U.S. Department of the Treasury has sanctioned the Sinbad cryptocurrency mixing service for its use as a money-laundering tool by the North Korean Lazarus hacking group. A cryptocurrency mixer is a server that allows people to deposit crypto, which is mixed among many different wallet addresses to help prevent it from being accurately traced. The mixing service takes a…

  American healthcare company Henry Schein has reported a second cyberattack this month by the BlackCat/ALPHV ransomware gang, who also breached their network in October. Henry Schein is a Fortune 500 healthcare products and services provider with operations and affiliates in 32 countries and a revenue of over $12 billion reported in 2022. It first disclosed on October 15 that it…

Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service providers across the U.S., maintaining online wellness programs, holding databases with personal patient data, generating predictive analytics,…

The Idaho National Laboratory (INL) confirms they suffered a cyberattack after ‘SiegedSec’ hacktivists leaked stolen human resources data online. INL is a nuclear research center run by the U.S. Department of Energy that employs 5,700 specialists in atomic energy, integrated energy, and national security. The INL complex extends over an 890-square-mile (2,310 km2) area, encompassing 50 experimental nuclear reactors, including…

The Canadian government says two of its contractors have been hacked, exposing sensitive information belonging to an undisclosed number of government employees.  These breaches occurred last month and impacted Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving Services, both providers of relocation services to Canadian government employees.  Government-related information stored on compromised BGRS and SIRVA Canada systems dates…

Malicious actors have been abusing Ethereum’s ‘Create2’ function to bypass wallet security alerts and poison cryptocurrency addresses, which led to stealing $60,000,000 worth of cryptocurrency from 99,000 people in six months. This is reported by Web3 anti-scam specialists at ‘Scam Sniffer,’ who observed several cases of in-the-wild exploitation of the function, in some cases losses incurred by one individual reaching…

Boeing, a prominent aerospace manufacturer and defense contractor, found itself targeted by the Lockbit ransomware group at the end of October. This cybercriminal organization claimed responsibility for infiltrating Boeing’s systems and asserted that it had obtained a substantial amount of sensitive data. The group threatened to disclose this information unless Boeing engaged with them before the initial deadline, initially set…

The LockBit ransomware gang published data stolen from Boeing, one of the largest aerospace companies that services commercial airplanes and defense systems. Before the leak, LockBit hackers said that Boeing ignored warnings that data would become publicly available and threatened to publish a sample of about 4GB of the most recent files. Backup data published LockBit ransomware has leaked more than…

The LockBit ransomware gang published data stolen from Boeing, one of the largest aerospace companies that services commercial airplanes and defense systems. Before the leak, LockBit hackers said that Boeing ignored warnings that data would become publicly available and threatened to publish a sample of about 4GB of the most recent files. Backup data published LockBit ransomware has leaked more…