News Corp revealed that employee data – at the least – was stolen from their internal servers stemming from illicit access that lasted almost 2 full years before being discovered. In other cybersecurity news, the U.S. Marshall service suffered a data breach with personal and law enforcement data compromised.
Ransomware causes Dish Network outages
Late last week, officials for Dish Network confirmed that the service outages they were experiencing were the result of a ransomware attack that compromised their websites and internal networks. The investigation has also revealed that some extremely sensitive information was exfiltrated during the incident, though it is unclear if it belongs to employees, customers, or both. The actors behind this attack are still unclear, though it does show signs of being a Black Basta operation, as they appear to have breached the Boost Mobile network shortly before the Dish Network attack.
Dutch police arrest cyber-extortion group
Dutch police have recently arrested three individuals that are the alleged operators of a multi-million-dollar cyber-extortion group that have been active for almost 2 years. The group was made up of 3 Dutch men who had been breaching corporate networks and demanding ransom payments, like a ransomware campaign, though they typically sold the stolen data even after receiving a payment. It is believed that they targeted thousands of organizations across the globe and were successful in extorting victims for millions of dollars during their short operating run.
Third-party breach exposes retailer data
Eighteen months after first discovering some unauthorized activity on their network, the third-party supplier My Rewards has released a statement that confirms a data breach of information being stored from other retailers. One such Australian retailer, The Good Guys, have acknowledged the breach from their former supplier and that they would be working with the proper authorities to decide the extent of their customer’s exposure. Cyberattacks on third-party service providers have been on the rise, as they are highly lucrative and often lead to additional malware and/or phishing campaigns.
News Corp confirms extensive data breach
Following a short investigation, it has been revealed that malicious actors had unrestricted access to News Corp’s internal networks for almost 2 full years before being found. Amongst the confirmed stolen data are employee financial and health information, and a sizable chunk of personally identifiable information, though they had more than enough time to access a plethora of other stored information. The media company has since been contacting all affected individuals and has started offering personal monitoring services.
Ransomware targets U.S. Marshals Service
The stand-alone computer system for the U.S. Marshals Service fell victim to a ransomware attack in mid-February, that may have exposed personal and sensitive law enforcement information. Fortunately, the incident didn’t expose the witness protection service’s database or any other judicial servers, unlike the 2020 breach which leaked the personally identifiable information of 387,000 current and former inmates.
