Following a data breach that exposed the personal information of 522 million Facebook users, Ireland’s Data Protection Commission (DPC) issued a €265 million fine alongside a list of security measures the company must implement. In other cybersecurity news, Trigona ransomware has emerged as a new worldwide threat.
Australia to increase fines for data breaches
The Australian Parliament will increase fines for companies who have suffered a data breach, up to AU$50 million. The current fine for a data breach of an Australian company is a mere AU$2.2 million, which is a negligible amount to many of the companies who have suffered a data leak. This new bill arrives in the wake of a long series of cyberattacks on Australian companies, which have shaken the country and exposed extremely sensitive information on ~20 million Australian citizens.
Ransomware attack in Virginia
Officials for Southampton County, Virginia have recently revealed that one of their servers had been encrypted during a potential ransomware attack back in early September and may have led to a data breach. While the County quickly recovered from the attack and found no evidence of stolen data, the threat actors have published a single W-2 form as proof. Though it is still unclear if any personally identifiable information (PII) was stolen, officials are warning all Southampton County residents to be wary of possible phishing attempts or unusual credit activity.
Ireland’s Data Protection Commission fines Meta €265 million
Following a 2021 data breach by Meta, that exposed data for millions of Facebook users, the Irish Data Protection Commission (DPC) has issued a fine of €265 million and a list of security measures that the company needs to incorporate. The data leak in question occurred on April 3rd, when a user was able to collect and upload the phone numbers and other identifiable information on 533 million Facebook users to a hacking forum with free access. While Meta has declared that they have already made several of the required changes, it cannot change the events that already took place or retract any of the stolen data on users from over 100 different countries.
RagnarLocker releases data stolen from Belgian Police
After falling victim to a ransomware attack earlier this year, the actors behind RagnarLocker have begun publishing data that was stolen from Police Zwijndrecht, which operates in Antwerp, Belgium. The attack was focused on their administrative network, which contained a significant amount of sensitive information on employees, along with criminal records and photographs dating back to 2006. The investigation has yet to confirm how many individuals may have been impacted by this breach or how the attackers gained access to a seemingly secure network.
Trigona ransomware targets victims around the world
A previously unnamed ransomware variant has recently been given the name “Trigona” by the actors behind it, along with creating a new Tor site for victims to negotiate and pay the demanded ransoms. Trigona spent most of 2022 as an unnamed ransomware that used email to communicate with victims but gained notoriety in October when researchers noticed the wide-spread nature of their victims and the tactics being used. It is also notable that Trigona appends the encrypted file extensions with “._locked” and claims to steal encrypted data, though that has yet to be confirmed.
