A retired teacher filed a class-action lawsuit against TIAA last week over the retirement fund's handling of clients' personal data following the cyberattack on the file transfer software platform MOVEit that exposed TIAA data. The data breach affected some 2.3 million TIAA clients, according to the lawsuit filed last week in U.S. District Court in New York. The suit alleges TIAA did not use "reasonable security procedures and practices" to protect clients' sensitive information. READ MORE...
Canadian dental benefits administrator Alberta Dental Service Corporation (ADSC) has started informing roughly 1.47 million individuals that their personal information was compromised in a ransomware attack last month. The intrusion was initially discovered on July 9, but the full scope of the data breach was determined only two weeks later. The attackers, ADSC says, had access to its network for more than two months before deploying file-encrypting malware. READ MORE...
It's been a while since we've written about card skimmers, which used to play a big part in global cybercrime. These days, many if not most cyber-breach and cybercrime stories revolve around ransomware, the darkweb and the cloud, or some unholy combination of the three. In ransomware attacks, the criminals don't actually need to approach the scene of the crime in person, and their payoffs are extracted online, typically using pseudoanonymous technologies such as the darkweb and cryptocoins. READ MORE...
Researchers discovered 120,000 infected systems that contained credentials for cybercrime forums. Many of the computers belong to hackers, the researchers say. Analyzing the data, threat researchers found that the passwords used for logging into hacking forums were generally stronger than those for government websites. After pouring through 100 cybercrime forums, researchers at threat intelligence company Hudson Rock found that some hackers had inadvertently infected their computers and had their logins stolen. READ MORE...
It's taken nearly ten years, but the US Department of Justice (DOJ) has just announced the court-approved seizure of a web domain called LolekHosted[dot]net that was allegedly connected to a wide range of crimeware-as-a-service activities. The DOJ also charged a 36-year-old Polish man named Artur Karol Grabowski in connection with running the service, but his current whereabouts are unknown. READ MORE...
Vulnerabilities in power management products made by CyberPower and Dataprobe could be exploited in attacks aimed at data centers, allowing threat actors to spy on organizations or cause damage, according to threat detection and response firm Trellix. Trellix researchers have analyzed CyberPower's PowerPanel Enterprise data center power management software and Dataprobe's iBoot power distribution unit (PDU). READ MORE...
Attackers are increasingly targeting abandoned and barely maintained websites for hosting phishing pages, according to a new study from Kaspersky. In many cases, phishers' focus is on WordPress sites because of the sheer number of known vulnerabilities in the widely used content management system and its numerous plug-ins. Researchers at Kaspersky recently counted 22,400 unique WordPress websites that threat actors had compromised between mid-May 15 and the end of July to host phishing pages. READ MORE...