January 8, 2024 at 09:14AM A misconfigured object storage system at Iranian crypto exchange bit24.cash exposed personal details of 230,000 citizens. Researchers found unprotected and open S3 buckets storing users’ verification documents, including consent letters, passport information, and credit card details. However, bit24.cash assured no evidence of a breach and confirmed securing the storage instance. … Read more
January 8, 2024 at 08:26AM The British Library is disputing reports of potentially $9 million recovery costs from a 2023 ransomware attack, with final costs unconfirmed. The attack caused significant disruption, with various systems offline. The recovery process could take several months, impacting services and payments to authors. The library will issue updates on its … Read more
January 7, 2024 at 03:37PM LoanDepot, a leading nonbank mortgage lender in the USA, has been hit by a cyberattack, causing system outages and impacting customer payments and services. The company is actively addressing the incident and advising customers to use its call center for payment assistance. Concerns about data theft and phishing attacks have … Read more
January 5, 2024 at 04:59PM Extortionists are issuing swatting threats against hospitals if ransom demands are not met. After cyberattacks on medical centers, criminals threatened to swat the patients, aiming to pressure the hospitals to pay. This escalating trend of extreme tactics, including direct threats to patients, indicates a disturbing shift in cybercrime. The frequency … Read more
January 5, 2024 at 04:19PM The U.S. Department of Justice concluded an international investigation into xDedic cybercrime marketplace, with 19 suspects charged. The marketplace facilitated fraudulent activities totaling over $68 million before its shutdown. Several suspects have been sentenced, others awaiting extradition. Two administrators were sentenced, and high-volume seller Dariy Pankov and prolific buyer Allen … Read more
January 5, 2024 at 03:08PM BreathForums admin Conor Fitzpatrick was re-arrested for violating pretrial conditions, including using an unmonitored computer and a VPN. He openly admitted to being the threat actor “Pompourin” and creating BreachForums to leak stolen data. Fitzpatrick was charged with theft and sale of sensitive personal information and will remain in custody. … Read more
January 5, 2024 at 11:24AM Orrick, Herrington & Sutcliffe, a law firm specializing in cyberattacks, disclosed that over 600,000 individuals were impacted by a data breach in early 2023. The breach involved unauthorized access to a portion of its network and compromised personal information of clients’ customers. Orrick has deployed additional security measures and reached … Read more
January 5, 2024 at 09:44AM Cybercriminal Pompompurin, aka Conor Brian Fitzpatrick, was arrested for violating pretrial release conditions, leading to custody until sentencing. Facing charges for access device fraud, child sex abuse material possession, and operating BreachForums. October’s sentencing postponed to January due to a pending evaluation. Fitzpatrick’s site sparked numerous cybercrimes and continues under … Read more
January 5, 2024 at 07:18AM The US Justice Department charged 19 individuals in relation to the xDedic cybercrime marketplace takedown in 2019. The marketplace facilitated the sale of stolen server credentials and personal information. Those charged include administrators, buyers, and sellers, with sentences ranging from probation to 78 months in prison. Additionally, extradition is pending … Read more
January 5, 2024 at 03:27AM Ukrainian authorities reported a cyber attack by the Russian state-sponsored group Sandworm, which breached telecom operator Kyivstar’s systems, leading to service disruption for millions. A Russia-linked hacking group, Solntsepyok, claimed responsibility. The attack wiped out data from thousands of servers, and the Security Service of Ukraine suspects the attackers had … Read more