Recently, officials from the telecommunications giant AT&T revealed that they had fallen victim to a data breach in March, which subsequently exposed extremely sensitive information for 73 million current and former customers. Following the discovery of the breach, a threat actor posted the stolen data on a dark web forum, stating that the trove included social security numbers, full names, and payment card details.
Ransomware targets Jackson County, Missouri
At the beginning of the week, staff at the Jackson County government offices in Missouri discovered several of their internal systems had been impacted by a ransomware attack. The incident forced officials to close all affected government offices until the investigation and remediation efforts had been completed. The system outages occurred on the same day as local district elections took place, though the actual election systems throughout Missouri were unaffected.
Chinese shopping platform leaks data on 1.3 million customers
Hackers recently exploited multiple vulnerabilities in the Chinese shopping platform, PandaBuy, and successfully exfiltrated sensitive account details for more than 1.3 million users. While officials for PandaBuy have yet to confirm the breach, the hackers behind the incident have already posted the stolen data to a dark web forum and made it available for a trivial amount of cryptocurrency.
ALPHV/BlackCat ransomware claim Prudential Financial attack
In the month since first identifying a security breach in their systems, officials for Prudential Financial have filed the incident with the SEC (Securities and Exchange Commission) and the threat actors behind the ALPHV/BlackCat ransomware group have claimed the attack and posted the exfiltrated data to their Tor leak site. As the investigation concluded, it was revealed that the initial breach occurred on February 4th and affected more than 36,000 customers.
Rhysida ransomware group breaches major yacht retailer
Officials for one of the largest boat and yacht retailers in the world, MarineMax, have confirmed that they were the victims of a data breach that compromised both employee and customer data. The threat actors behind the Rhysida ransomware group have claimed responsibility for the attack and have posted the stolen data for sale on their leak site, with a 15 Bitcoin ($1 million) price tag.
