Early this week, officials for First American Financial Corporation revealed that they fell victim to a data breach in December that compromised sensitive information of 44,000 clients. The title insurance provider recently finished their investigation into the initial incident, which ironically occurred just a month after the corporation finalized their settlement with the State of New York over a 2019 data breach. The company is offering all affected individuals' free credit and identity monitoring services.
RansomLord anti-ransomware tool now available
Developers have recently released an anti-ransomware exploit tool, RansomLord, that can be used to target various ransomware techniques and defeat ransomware attacks before encryption can begin. The tool is available for free on GitHub and was created to show that ransomware is not devoid of flaws and can be exploited due to mistakes made by their creators.
BreachForums returns just weeks after FBI takedown
Just two weeks after a law enforcement operation successfully seized the infrastructure of the known hacking hotspot, BreachForums, the admin ShinyHunters has restored operations. It is believed that ShinyHunters is the threat actor behind the recent TicketMaster data breach, which has been posted to the new BreachForums site, and has a sale price of $500,000 for 1.3 TB of data. This is the 4th iteration of the notorious hacking forum, as the previous 3 versions have all been subject to takedowns by law enforcement, often with the lead admin facing arrest.
Christie’s auction house suffers significant data breach
Over the weekend, threat actors behind the RansomHub extortion group added stolen data from Christie’s auction house to their leak site and a deadline of 5 days to make the ransom payment before the data is leaked. According to the RansomHub post, it is believed that upwards of 500,000 Christie’s clients have been affected by this incident, and that officials for Christie’s ended their negotiations almost immediately.
6.5Tb of MediSecure data for sale
Following a cyberattack on the Australian medical services provider, MediSecure in late 2023, an unknown threat actor has posted a 6.5TB data trove of stolen information for sale on a hacking forum for $50,000. Officials for MediSecure have confirmed that the stolen information is legitimate and contains personally identifiable information as well as limited health records that are tied to customer prescriptions.
