October 24, 2024 at 05:42PM Schubert Jonckheer & Kolbe LLP is investigating a cyberattack on American Water Works Company, potentially affecting 14 million customers. The company has temporarily disabled its customer portal and billing. Customers may face identity theft risks and are encouraged to seek information about their legal rights regarding the incident. **Meeting Takeaways … Read more
October 17, 2024 at 02:22PM Eric Council, a 25-year-old from Alabama, was arrested for allegedly hacking the SEC’s X account using a SIM-swap attack, resulting in a fake announcement about Bitcoin ETF approvals. The scheme caused Bitcoin’s price to fluctuate dramatically. Council faces charges of conspiracy and identity theft, with a potential five-year prison sentence. … Read more
October 14, 2024 at 06:13PM Gryphon Healthcare reported a data breach affecting up to 400,000 individuals, compromising sensitive patient information including personal and medical data. The incident was detected on August 13, with notifications sent to victims shortly after. Legal actions are underway, as class-action lawsuits emerge following similar healthcare data breaches. ### Meeting Notes … Read more
October 10, 2024 at 04:15PM Over 77,000 Fidelity Investments clients were notified of a data breach where unauthorized access to personal information occurred between Aug. 17-19. Although customer accounts were unaffected, concerns around identity theft persist. Fidelity offers two years of free credit monitoring and advises clients to monitor their financial activities closely. ### Meeting … Read more
October 10, 2024 at 12:57PM Fidelity Investments reported a data breach in August, exposing personal information of over 77,000 customers. An unknown attacker accessed data through two newly created accounts. Fidelity has initiated an investigation and offers affected individuals two years of free credit monitoring services while advising vigilance against identity theft. ### Meeting Takeaways: … Read more
October 9, 2024 at 01:03AM Microsoft warns of cyber attack campaigns exploiting file hosting services like SharePoint and OneDrive. These attacks aim to compromise identities and conduct business email compromise (BEC) fraud. Phishing tactics include using view-only files requiring OTP authentication, leading to credential theft through adversary-in-the-middle (AitM) phishing pages. ### Meeting Takeaways – Oct … Read more
October 7, 2024 at 05:17PM Mark Sokolovsky has pleaded guilty to his involvement in the Raccoon Stealer malware cybercrime. He distributed the malware under a MaaS model, allowing users to rent it for weekly or monthly fees. Sokolovsky was arrested in the Netherlands in March 2022, and the FBI dismantled the malware’s infrastructure in a … Read more
October 6, 2024 at 11:50AM FBCS, a debt collection agency, suffered a data breach impacting 4.2 million individuals. Comcast and Truist Bank were affected, exposing substantial customer data. FBCS stated that impacted individuals received 12 months of identity theft protection. Truist Bank also faced a breach, with the extent of impact not fully disclosed. It … Read more
October 6, 2024 at 11:50AM Evan Frederick Light from Indiana pleaded guilty to stealing $37.7 million worth of cryptocurrency from 571 victims in a 2022 cyberattack. He stole the funds by exploiting vulnerabilities in an investment company’s servers and used various means to conceal the trace of the assets. The FBI tracked and arrested Light, … Read more
September 30, 2024 at 10:24AM The Community Clinic of Maui in Hawaii, also known as Malama I Ke Ola Health Center, reported a cyberattack resulting in a data breach affecting over 120,000 individuals. The compromised data includes sensitive personal and medical information. While the organization claims no evidence of misuse, it offers impacted individuals complimentary … Read more