October 23, 2023 at 03:41PM Hackers breached the University of Michigan’s network in August, accessing systems with information belonging to students, applicants, alumni, donors, employees, patients, and research study participants. The unauthorized access lasted from August 23-27, and the data exposed included personal, financial, and medical details. The university detected the suspicious activity and isolated … Read more
October 21, 2023 at 04:14PM Insurance giant American Family Insurance experienced a cyberattack, leading to the shutdown of certain IT systems. The company detected unusual activity and took precautionary measures to protect data. While no compromises to critical systems have been detected, customers faced outages and were unable to access online services. Investigations are ongoing, … Read more
October 21, 2023 at 12:41PM Trigona ransomware suffered a data breach after Ukrainian hacktivists exploited a vulnerability in their server. The hackers breached several sites, taking data and defacing the Tor negotiation and data leak sites. Similarly, law enforcement disrupted the RagnarLocker ransomware operation, seizing the group’s dark websites and arresting a malware developer. In … Read more
October 21, 2023 at 05:09AM Identity services provider Okta disclosed a security incident where threat actors used stolen credentials to access its support case management system. Okta confirmed that customer data in the support system was compromised, but its production Okta service was not affected. The breach has also impacted customers Cloudflare and BeyondTrust. This … Read more
October 20, 2023 at 05:48PM Hackers breached Okta’s support case management system and accessed sensitive data that can be used for identity impersonation. The stolen data includes cookies and session tokens, which can be used for further attacks. Okta has taken steps to protect its customers, but recommends sanitizing credentials and tokens before sharing them. … Read more
October 20, 2023 at 05:48PM Okta, an identity and access management services provider, has disclosed a recent compromise of its customer support case management system. Sensitive customer data, including cookies and session tokens, was exposed, potentially allowing attackers to impersonate valid users. The incident only affected customers with recent support cases, and Okta has taken … Read more
October 20, 2023 at 11:24AM Law enforcement agencies from multiple countries have seized the dark web site used by the RagnarLocker ransomware group to shame victims. Operating since 2020, the group targeted 52 entities across critical infrastructure sectors. Unlike other ransomware operations, RagnarLocker was not advertised as a service but operated by a private group. … Read more
October 19, 2023 at 04:47PM A threat actor known as Golem has released a new dataset containing the records of over 4 million people’s genetic ancestry, including information on wealthy individuals in the US and Western Europe, after compromising the 23AndMe site. 23andMe is still verifying the authenticity of the leaked data. The breach was … Read more
October 19, 2023 at 04:27PM Microsoft is extending Purview Audit log retention following the breach of Exchange and Microsoft 365 accounts by the Chinese hacking group Storm-0558. The affected organizations included government agencies, with the US State and Commerce Departments among them. The changes will roll out to customers with Standard licenses, providing longer retention … Read more
October 19, 2023 at 12:05PM A cybercriminal using the alias “Golem” has uploaded a second batch of stolen profile data from biotech company 23andMe. The new leak contains an additional 4.1 million records, mainly from UK users, and appears to have a religious motivation. Golem targeted the Ashkenazi Jewish ethnic group in the first leak … Read more