Late last week, officials for the American Bar Association (ABA) began contacting past and current members regarding a security incident that may have compromised the credentials for over 1.4 million individuals worldwide. The network intrusion was first discovered back in March, and investigations revealed that the hackers had unrestricted access to credentials for a legacy system for several weeks before being detected. ABA officials are urging all affected members to update their login credentials, especially those that were re-used when registering for the new system.
Ransomware attack forces Point32Health offline
Recently, the health insurer Point32Health confirmed that they had fallen victim to a ransomware attack and were forced to take many of their critical systems offline to prevent any further intrusion. This incident targeted the internal systems belonging to Harvard Pilgrim Health Care, and only their portion of the Point32Health network would remain inaccessible until the investigation is completed.
Fincantieri Marine Group suffers ransomware attack
At the start of the week, officials for the US Navy-contracted shipbuilder Fincantieri Marine Group (FMG) revealed that their shipyard had suffered a ransomware attack that was disrupting operations and causing significant delays. While the investigations have turned up no evidence of any data theft, it is still unclear as to how long the shipbuilder’s operations will remain offline, or who is responsible for the attack.
Peugeot leaks data on Peruvian customers
Researchers have unearthed an unsecured section of the Peugeot website for Peru, that contains a significant amount of sensitive user information and the credentials that would allow anyone to export all stored data. It is believed the dataset has been publicly accessible for several months and still has not been properly secured by the owners.
Black Basta claims cyberattack on Yellow Pages Canada
Over the weekend, threat actors from the Black Basta ransomware group published data belonging to Yellow Pages Group, the Canadian portion of the directory service. Officials have confirmed that the leaked data is legitimate and contains documents with extremely sensitive information on customers and employees. It is believed that the first incident occurred back in March and may only be posting to the leak site now as negotiations have ceased.
