Officials for the Taiwanese networking equipment maker, D-Link, have recently confirmed a data breach from the beginning of the month that has compromised a significant amount of personally identifiable information (PII) for both customers and employees. The hackers behind this attack have published the stolen data to BreachForums, with a sale price of only $500, and claim to have data on government officials as well as the source code for D-View (D-Link's network management software). D-Link staff claim the stolen data is outdated and limited to a testing environment that housed an older version of D-View, though this has yet to be confirmed.
ALPHV/BlackCat ransomware targets Morrison County Hospital
Late last week, the threat actors behind the ALPHV/BlackCat ransomware group posted a 5TB data trove of extremely sensitive patient information from Morrison County Hospital (MCH) in Illinois to their dark web leak site. After attempting to negotiate with MCH officials, the threat actors began reaching out to journalists to report the breach and have plans to start contacting affected patients before publishing the full data. Healthcare organizations continue to be popular targets for data breaches, as their security isn’t given a high enough priority, and the data they store is extremely sensitive.
Google Play Protect adds new features to improve app security
Google has recently pushed out a new software update for Google Play Protect, which now adds the feature of code-level scanning in real-time, to improve security of available apps. Currently, Google Play Protect scans over 125 billion apps each day, and can give an on-demand analysis of any application before the user installs it and provide warnings for any malicious activity or unexpected software additions.
Outages at Kwik Trip caused by cyberattack
For the last 2 weeks, Kwik Trip convenience stores across the Midwestern US have suffered IT outages that were caused by a cyberattack. IT staff at Kwik Trip first identified an unusual network incident on October 8th, that was affecting their internal support systems and the Kwik Rewards loyalty program and have been working with third-party security experts to investigate the cause of the incident and determine if any sensitive data was compromised.
Lockbit ransomware put $80 million ransom on CDW breach
Several days after claiming the data breach on technology services provider CDW, the threat actors behind the Lockbit ransomware group added CDW to their leak site and gave 24 hours to pay an incredible $80 million ransom. Officials for CDW negotiated a payout of $1.1 million but were turned down and the entire data trove was made publicly available shortly after. It is believed that the high ransom amount was due to the company’s $20 billion revenue evaluation, and the ransomware group found it laughable that the company valued the stolen data at such a low price, considering it contained a significant amount of sensitive financial and employee information.
