Category: Crime

As Genetic testing provider 23andMe faces multiple lawsuits for an October credential stuffing attack that led to the theft of customer data, the company has modified its Terms of Use to make it harder to sue the company. In October, a threat actor attempted to sell 23andMe customer data and, after failing to do so, leaked the data for 1 million Ashkenazi Jews and 4.1 million people living in the United Kingdom. Threat actor leaking 23andMe data Source: BleepingComputer 23andMe told BleepingComputer that…

A former Ukrainian MP regarded by Kyiv as a traitor has been shot dead in a park in suburban Moscow, in an attack attributed to Ukraine’s SBU security service. Illia Kyva was a pro-Russian member of Ukraine’s parliament before Moscow’s invasion of Ukraine in February 2022, but fled to Russia a month before the start of the war and frequently criticised Ukrainian authorities online and on Russian state TV talkshows. Russian investigators said in a statement on Wednesday that Kyva…

Mercer Financial Advice has been ordered by the Federal Court to pay a $12 million penalty for breaching fee disclosure obligations and for wrongly charging fees to customers, ASIC has reported. “This is a significant penalty for a financial advice provider,” said Sarah Court (pictured above), ASIC deputy chair. “Mercer failed in its obligation to provide fee disclosure statements to clients, provided misleading information in the disclosure statements it did provide, and charged its clients fees for services it was…

WASHINGTON: US inspectors announced fines against China-based firms Thursday, as part of a broader effort to hold US-listed Chinese companies up to American auditing standards amid simmering geopolitical tensions. These included PwC affiliates in Hong Kong and China, alongside a Chinese audit company. The $7.9 million in penalties unveiled by the Public Company Accounting Oversight Board (PCAOB) represent some of the highest imposed on any firm globally, it said. They mark the first time it “has been able to bring enforcement action…

CISA (Cybersecurity & Infrastructure Security Agency) is warning that threat actors breached a U.S. water facility by hacking into Unitronics programmable logic controllers (PLCs) exposed online. PLCs are crucial control and management devices in industrial settings, and hackers compromising them could have severe repercussions, such as water supply contamination through manipulating the device to alter chemical dosing. Other risks include service disruption leading to a halt in water supply and physical damage to the infrastructure by overloading pumps or opening and…

The U.S. Department of the Treasury has sanctioned the Sinbad cryptocurrency mixing service for its use as a money-laundering tool by the North Korean Lazarus hacking group. A cryptocurrency mixer is a server that allows people to deposit crypto, which is mixed among many different wallet addresses to help prevent it from being accurately traced. The mixing service takes a commission from the crypto deposited, and after it is “mixed,” it will send it to another wallet address owned by…

  American healthcare company Henry Schein has reported a second cyberattack this month by the BlackCat/ALPHV ransomware gang, who also breached their network in October. Henry Schein is a Fortune 500 healthcare products and services provider with operations and affiliates in 32 countries and a revenue of over $12 billion reported in 2022. It first disclosed on October 15 that it had to take some systems offline to contain another cyberattack that impacted its business one day before. More than a month…

  As China’s embattled shadow banking giant Zhongzhi Enterprise Group faces a criminal probe, lawyers and analysts are assessing the damage to investors. One estimate puts that at about US$56 billion (S$74.9 billion). More than three quarters of investor cash would be lost, with just 100 billion yuan (S$18.7 billion) being recovered from debt of as much as 460 billion yuan, according to one scenario outlined by Mr Ying Yue, a lawyer at Leaqual Law Firm in Shanghai. He expects…

Three Palestinian students attending US colleges were shot on Saturday night in Burlington, Vermont, and were being treated for injuries on Sunday, according to the students’ former school in the West Bank. Ramallah Friends School said in a Facebook post on Sunday that three of its graduates had been shot near the University of Vermont Campus – Hisham Awartani, who attends Brown University in Rhode Island, Kinnan Abdel Hamid, who attends Haverford College in Pennsylvania, and Tahseen Ahmed, who attends…

AUTRYVILLE: Deputies responding to a call about shots fired in North Carolina on Sunday found four people shot to death in what appeared to be a campsite for homeless people, authorities said. An initial review of the crime scene indicated someone killed three people before killing themselves, Sampson County Sheriff’s Capt. Eric Pope told WRAL-TV. Two men and two women were found dead around a tent at the end of a private road rutted with huge potholes near Autryville, authorities…

BOGOTA: Former Colombian president Alvaro Uribe will appear before the attorney general’s office next week over a 1997 paramilitary massacre, authorities said Thursday. While Uribe was governor of the Antioquia department, a group of 150 right-wing paramilitary members killed at least 15 people in the village of El Aro. Last week, paramilitary leader Salvatore Mancuso, at a hearing with Colombia’s Special Jurisdiction for Peace, said Uribe “always knew about the operation.” The country has for decades been convulsed by fighting…

Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service providers across the U.S., maintaining online wellness programs, holding databases with personal patient data, generating predictive analytics, and supporting healthcare needs like medication adherence and pandemic response. Earlier this year, the Clop ransomware gang exploited a zero-day vulnerability in…

The Idaho National Laboratory (INL) confirms they suffered a cyberattack after ‘SiegedSec’ hacktivists leaked stolen human resources data online. INL is a nuclear research center run by the U.S. Department of Energy that employs 5,700 specialists in atomic energy, integrated energy, and national security. The INL complex extends over an 890-square-mile (2,310 km2) area, encompassing 50 experimental nuclear reactors, including the first ones in history to produce usable amounts of electricity and the first power plant designed for nuclear submarines….

Beijing has defended its prosecution of two Canadians for espionage, after The Globe and Mail reported that Michael Spavor blames intelligence work done by Michael Kovrig for their nearly three-year-long detention. Mr. Spavor is seeking a multimillion-dollar settlement from Ottawa, two sources told The Globe, alleging he was arrested in China in late 2018 because he unwittingly provided intelligence on North Korea to Mr. Kovrig, which was later shared with Canada and allied spy services. In a statement Sunday, China’s…

The Canadian government says two of its contractors have been hacked, exposing sensitive information belonging to an undisclosed number of government employees.  These breaches occurred last month and impacted Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving Services, both providers of relocation services to Canadian government employees.  Government-related information stored on compromised BGRS and SIRVA Canada systems dates back to 1999, and it belongs to a broad spectrum of affected individuals, including members of the Royal Canadian Mounted…

An Ontario justice has thrown out a proposed $200-million class action lawsuit against legal software provider Dye & Durham Ltd. DND-T over price hikes and broken promises by the Toronto software company. Ontario Superior Court Justice Edward Morgan last month dismissed the action brought by real estate law firms and D&D clients Burford Law Professional Corp. and Tais Davis. D&D spokesman Wojtek Dabrowski said in an e-mail: “We are pleased with this outcome and glad to put this meritless lawsuit…