Following a coordinated takedown of the ALPHV/BlackCat ransomware group’s dark web leak site by the FBI and many other global law enforcement agencies, the threat actors have been trading off control of the site with law enforcement and posting “unseized” messaging. The law enforcement actions resulted in a decryption tool for the ransomware being made available to nearly 500 victims of ALPHV/BlackCat, though the group has confirmed over 3,000 unique victims worldwide. It is believed that law enforcement obtained login credentials for the ALPHV/BlackCat affiliate panel and discovered a large trove of stolen data and ransom negotiation communications between the victims and threat actors. ALPHV/BlackCat have since posted a new leak site and messaging claiming that their tactics will now leave no potential victim safe from direct and affiliate attacks, and will cover a wider range of countries, critical infrastructure, and emergency services.
VF Corp falls victim to double-extortion ransomware attack
Last week, the global apparel firm VF Corporation revealed that their internal network had been compromised via a ransomware attack and that some sensitive information had been exfiltrated by the threat actors. The extent of the stolen information is still unclear, as is the timeline for resuming normal operations on their online retail sites. The group behind the attack is also unknown, though they were able to gain significant access to VF Corp’s network and encrypt several critical IT systems.
7 million Delta Dental records compromised in MOVEit breach
Officials for Delta Dental of California have recently confirmed that they were a part of the MOVEit vulnerability breach in May of this year, and nearly 7 million customer records had been exposed. Their internal investigation finished near the end of November and was reported to the Maine Attorney General’s office on December 14th. Affected individuals are recommended to update their login credentials and keep an eye on their credit reports, as an incredible amount of personally identifiable information was accessed.
Healthcare software provider suffers major data breach
Officials for ESO Solutions, a national healthcare software provider, announced that they had suffered a data breach in late September which also resulted in many of their internal systems being encrypted by the threat actors. The following investigation revealed that over 2.7 million individuals were affected across 15 different healthcare facilities in the US, and ESO is now offering 12 months of identity monitoring services to all notified victims. It is still unclear as to which ransomware group may have committed the attack, or whether the stolen information has been actively used for additional cyberattacks.
Xfinity suffers data breach from Citrix Bleed vulnerability
During the last week of October, security staff at the internet service provider Xfinity discovered unauthorized activity on their internal network, which occurred because a known Citrix vulnerability had been patched late. It was later revealed that the intrusion resulted in a significant amount of customer data being accessed, affecting nearly 36 million individual customers. The vulnerability impacted many Citrix NetScaler appliances, allowing a bypass of multi-factor authentication and access to user sessions.
Data breach targets Mint Mobile customer data
Late last week, officials for Mint Mobile began notifying customers of a data breach that had exposed a significant amount of sensitive customer information. While the company does not store customer payment card data, they do retain a large amount of personally identifiable information, including SIM (Subscriber Identity Module) numbers which can be abused through SIM swapping attacks.
Australia’s largest healthcare provider suffers data breach
Recently, staff at St. Vincent’s Health Australia discovered some unauthorized activity on their network which ultimately resulted in a data breach of the nation’s largest healthcare provider. While the investigation into the incident continues, staff have already contacted both law enforcement and affected clients to inform them of their compromised health records. The extent of the breach is still being determined, and the threat group responsible for the attack is still unknown.
Over 400 online retailers infected with payment card skimmers
Following a recent operation against payment card fraud, officials from Europol and several other law enforcement agencies have identified over 400 online retailers that are currently infected with some of the 132 known card skimmers. Most of the active skimmers are simple JavaScript sniffers injected into highly trafficked online retail sites to capture payment card data, and they can remain unnoticed for weeks or months.
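The skimmers described above stay unnoticed because nobody is watching which scripts actually run on the checkout page. The following is an added example, not code from the article or from any of the organizations it mentions, of the kind of script-inventory check a shop can run against its own checkout HTML: it flags any external script not on a maintained allowlist, any allowlisted script served without subresource integrity, and any inline script on a payment page, and it derives a reporting Content-Security-Policy from the same allowlist. The allowlist entries, hostnames, integrity value, report endpoint and sample page are all constructed for the demo.

```javascript
// Added example (not from the original article): a defender-side script
// inventory check for a checkout page, aimed at shortening the weeks-to-months
// dwell time of injected JavaScript sniffers. Every hostname, allowlist entry,
// integrity value and page below is constructed; SCRIPT_ALLOWLIST is the
// hypothetical list a shop would maintain for its own payment pages.

const SCRIPT_ALLOWLIST = new Set([
  "https://shop.example/static/checkout.js",
  "https://cdn.example/lib/payment-widget.js",
]);

// Pull <script> tags out of an HTML string. A regex is adequate for a
// monitoring check over pages you control; a production scanner would parse
// the DOM instead of trusting well-formed markup.
const SCRIPT_TAG_RE = /<script\b([^>]*)>([\s\S]*?)<\/script>/gi;
const ATTR_RE = /([a-zA-Z-]+)\s*=\s*"([^"]*)"/g;

function parseScripts(html) {
  const scripts = [];
  for (const m of html.matchAll(SCRIPT_TAG_RE)) {
    const attrs = {};
    for (const a of m[1].matchAll(ATTR_RE)) attrs[a[1].toLowerCase()] = a[2];
    scripts.push({ attrs, body: m[2].trim() });
  }
  return scripts;
}

// Classify each script against the allowlist. Each finding is something an
// on-call engineer would want alerted on for a payment page: an unknown
// external script, an inline script, or an allowlisted script without SRI.
function auditScripts(html) {
  const findings = [];
  for (const s of parseScripts(html)) {
    const src = s.attrs.src;
    if (!src) {
      if (s.body.length > 0) findings.push({ kind: "inline-script", detail: s.body.slice(0, 60) });
      continue;
    }
    let url;
    try {
      url = new URL(src, "https://shop.example/"); // resolve relative srcs against the shop origin
    } catch {
      findings.push({ kind: "unparseable-src", detail: src });
      continue;
    }
    if (!SCRIPT_ALLOWLIST.has(url.href)) {
      findings.push({ kind: "unknown-script", detail: url.href });
    } else if (!s.attrs.integrity) {
      findings.push({ kind: "missing-sri", detail: url.href });
    }
  }
  return findings;
}

// Derive a CSP from the same allowlist so the browser itself refuses scripts
// from other origins and reports attempts; the report endpoint is a placeholder.
function buildCsp() {
  const origins = new Set([...SCRIPT_ALLOWLIST].map((u) => new URL(u).origin));
  return `script-src ${[...origins].join(" ")}; report-uri /csp-report-placeholder`;
}

// Constructed sample checkout page: one allowlisted script with SRI, one
// without, one third-party script nobody approved, and one inline snippet.
const SAMPLE_CHECKOUT_HTML = `
<html><body>
<script src="https://shop.example/static/checkout.js" integrity="sha384-PLACEHOLDER"></script>
<script src="https://cdn.example/lib/payment-widget.js"></script>
<script src="https://static-assets.example.net/jquery.min.js"></script>
<script>window.dataLayer = window.dataLayer || [];</script>
<form id="pay"><input name="cardnumber"></form>
</body></html>`;

if (typeof require !== "undefined" && require.main === module) {
  for (const f of auditScripts(SAMPLE_CHECKOUT_HTML)) console.log(f.kind, f.detail);
  console.log("Content-Security-Policy:", buildCsp());
}
```

Run against the constructed page, the audit reports the payment widget as missing SRI, the unapproved third-party script as unknown, and the inline snippet as an inline script, while the checkout script with integrity passes clean. Scheduling this against a rendered copy of the live checkout page, and diffing the findings over time, turns a months-long dwell time into a same-day alert; the generated CSP complements it by making the browser refuse and report scripts from any other origin.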
Data breach impacts 1.3 million LoanCare customers
Officials for the US mortgage servicing company LoanCare have recently begun contacting more than 1.3 million loan customers regarding a data breach at their parent company, Fidelity National Financial, which may have compromised a massive amount of highly sensitive loan information. The breach investigation is still ongoing; however, LoanCare has already offered to provide two years of identity monitoring to all affected customers.
Researchers warn Ubisoft of network breach
Officials for the video game company Ubisoft have been investigating a report from third-party researchers that their internal network had been breached by threat actors aiming to exfiltrate 900GB of sensitive game data. The researchers were contacted by the threat actors about the intrusion, during which the attackers had full access to the system for 48 hours before they were discovered and their unauthorized user access was revoked by Ubisoft staff. It is still unclear how the threat actors accessed the system or whether any stored data was stolen during the incident.
Cactus ransomware targets major Swedish grocery retailer
Recently, officials for one of the largest retail and grocery providers in Sweden, Coop, confirmed that nearly all their 800 stores had been affected by a ransomware attack. The Cactus ransomware group has claimed responsibility for the incident and claims to have stolen and published 256GB of data to their leak site. This is the second ransomware attack to affect Coop in the last few years, as they previously fell victim to a supply chain ransomware attack that specifically targeted Kaseya products in 2021.
Prominent healthcare tech firm suffers data breach
In the last few weeks, staff from the US healthcare solutions provider HealthEC, LLC, revealed that their systems were breached for a week in July of 2023, which led to a significant amount of client healthcare data being exposed. The resulting investigation confirmed that health records, social security numbers, and other billing records were compromised, which could lead to additional nefarious activities and possible identity theft. Upwards of 4.5 million individuals have been affected by this incident and are being urged to carefully monitor their credit reports and other sensitive statements.
Banking trojans see exponential rise in 2023
Researchers have been tracking the rising number of banking trojans targeting mobile banking apps over the past few years and have discovered an additional 19 malware families since the previous year’s report. In 2023, researchers identified 29 unique malware families that are now focusing on over 1,800 banking apps used in 61 different countries. The US had the highest number of targeted banks, with 109, while the UK was second with 48 affected financial institutions. Many of these banking trojans are using new tactics as well, including automatic funds transferring and screen sharing, to gain additional control of the infected device.
Inc Ransomware breaches Xerox Business Solutions subsidiary
At the end of December, threat actors behind the Inc ransomware group updated their leak site to include Xerox Business Solutions (XBS), a Tampa-based subsidiary, and had stolen an undisclosed amount of data. Officials for XBS confirmed the network intrusion shortly after they appeared on the Inc leak site, though they were not forthcoming about the extent of the incident or the type of data that was illicitly accessed by the ransomware group.
ALPHV/BlackCat ransomware breaches Boston ambulance service
Following an extensive investigation in December 2023, it has recently been revealed that the ALPHV/BlackCat ransomware group successfully breached Transformative Healthcare’s now-defunct subsidiary, Fallon Ambulance Service, for several months at the beginning of 2023. The breach affects over 900,000 individuals who used the service at some point and compromised a significant amount of personally identifiable information, which was still being stored after the company ceased active operation.