UnitedHealth has revealed that 190 million Americans had their personal and healthcare data stolen in the Change Healthcare ransomware attack, nearly doubling the previously disclosed figure. In October, UnitedHealth reported to the US Department of Health and Human Services Office for Civil Rights that the attack affected 100 million people. However, as first reported by TechCrunch, UnitedHealth confirmed on Friday that the figure has nearly doubled to 190 million.
UK telecommunications company TalkTalk is investigating a third-party supplier data breach after a threat actor began selling alleged customer data on a hacking forum. "As part of our regular security monitoring, given our ongoing focus on protecting customers' personal data, we were made aware of unexpected access to, and misuse of, one of our third-party supplier's systems, however, no billing or financial information was stored on this system," TalkTalk told BleepingComputer.
BeyondTrust determined 17 customers were impacted in a December attack spree related to the compromise of a Remote Support SaaS API key. The attack, attributed to a state-linked threat actor, included the compromise of several offices of the U.S. Treasury Department, where hackers gained access to unclassified data. BeyondTrust said it worked with its affected customers to support their respective investigations by providing them with artifacts, logs, and indicators of compromise.
Someone has been quietly backdooring selected Juniper routers around the world in key sectors including semiconductor, energy, and manufacturing, since at least mid-2023. The devices were infected with what appears to be a variant of cd00r, a publicly available "invisible backdoor" designed to operate stealthily on a victim's machine by monitoring network traffic for specific conditions before activating.
Improper handling of messages in Git's credential retrieval protocol could have allowed attackers to leak users' credentials, security researcher RyotaK says. Git retrieves login information stored in system-specific credential helpers using the credential protocol, which is text-based over standard input/output and relies on lines of key-value pairs.