Weekly #Hacktivity Report December 13, 2024
Each week, we’ll spotlight high-profile stories on cyber attacks, ransomware, identity theft, and other digital crimes. The frequency and impact of these incidents on individuals and businesses are on the rise.
We don’t need to accept this as the norm, nor as simply the price of being online.
Using independently encrypted shared blocks, IronWeave offers unparalleled privacy, security, and scalability. Our patented shared-block architecture empowers you to determine who can see and share your data.
We are ushering in the new era of Read, Write, Own and SECURE. Learn more
Krispy Kreme is struggling to fulfill online orders after it was hit with a cyberattack
The company’s systems were breached last month and the company is still having problems fulfilling online orders. We won’t sugar coat it, this is yet another example of a major company having inadequate data security.
US Bitcoin ATM operator reports data breach of 58K customers
The company claims that no funds were lost but has urged their customers to change their login credentials as a security measure. It’s more than a bit ironic that a crypto exchange has been breached. “Not your keys, not your coins” is still true.
The Center for Vein Restoration (CVR) with 110 locations across the U.S. experienced a data breach that exposed the protected health information (PHI) of patients, as well as the personal information of both current and former employees. Approximately 445,000 people’s data has now been exposed, putting them at risk of identity theft, fraud, including possible medical insurance fraud. We must enact laws that make lax data security too expensive to continue conducting business with sensitive data in these insecure ways.
Rhode Island says personal data likely breached in social services cyberattack
Rhode Island officials reportedly advised people to “ … take action to protect their personal information.” Would it be acceptable if after being robbed the police said, “Keep your valuables protected.”? Protection was their job and their responsibility, wasn’t it? Governments and the private sector must be held responsible for inadequate data security, and held to a higher standard. Let’s give them the tools to do so.
UK's National Museum of the Royal Navy hit by cyberattack
The cyber criminals are demanding a ransom to restore services that affect six museums across the UK. We have a sinking feeling that their data security was sub standard. Decentralized data storage that’s both private and secure is the sea change needed for data security.
Weekly #Hacktivity Report December 6, 2024
U.S. officials urge Americans to use encrypted apps amid unprecedented cyberattack
In light of the unprecedented wave of cyberattacks, reportedly originating from China and targeting telecommunications giants like AT&T and Verizon, U.S. officials are urging Americans to prioritize their digital security. They recommend using encrypted messaging apps to protect communications from foreign hackers.. But even those encrypted messaging apps are centrally controlled. Self-sovereign, Web3-based data management is a better model.
The multi-billion dollar money laundering includes Russian elites, crypto-rich cyber criminals, and drug gangs in Europe, the Middle East and Latin America. We could take the ransomware’s ill-gotten-gains out of the equation if our data storage models offered secure, private, decentralized data. Until then, the black market economy continues to harvest the fruits of ransomware gangs.
This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges
It was inevitable. Why learn the skills required to be an effective hacker when for a mere $3,000 per month you can use Malware-as-a-Service to rob and scam people? Let’s work to relegate this business model to the not-so-quaint annals of history. Decentralized, secure, private data must be the default standard.
Ruthless ransomware gangs bleeding small companies dry
The human toll of cybercrimes too often goes unnoted. This article shines a light on that impact in reporting on lost homes, divorces, and unpaid wages. Business insurance rarely covers the cost of the ransom.The median insurance payout is $1 million while the average ransom payment is $6.5 million (2023) cybersecurity researchers report that nearly 80% of its victims are small and medium-sized organisations, mostly in North America and Europe. The current model of data security is not sustainable.
Cyberattack stalls nearly $50M civic center project in Michigan township
The $45 million township civic center project is now "on hold" as a result of the attack that impacted the issuance of infrastructure bonds related to the project. Are we ready for a better data security model yet? It’s time.
Weekly #Hacktivity Report November 29, 2024
A database of over 640,000 records (713.1GB) in the form of PDF files, belonging to SL Data Services and containing hundreds of thousands of records was recently found by a cybersecurity researcher. The records were publicly exposed and not password-protected or encrypted.
The exposed records of vehicle records, court records, and property ownership reports included full names, addresses, email addresses, employment details, social media accounts, phone numbers, and criminal records.
RansomHub gang says it broke into networks of Texas city, Minneapolis agency
The notorious cybercrime group, RansomHub, took credit for ransomware attacks on two municipal governments, Coppell, Texas and the Minneapolis Park and Recreation Board. The cybercrime organization is believed to be responsible for dozens of high-profile incidents in 2024. If these criminals had to steal information one encrypted record at a time, they would probably resort to using their considerable skills for legitimate work.
Ransomware attack closes Hoboken city hall, impacts services
TL;DR
- Municipal Court has been cancelled - you can’t pay your parking ticket.
- Street sweeping was suspended - you can park where they were going to clean.
- All other parking regulations remain in effect - if it was illegal to park in that spot, you’re still going to get a ticket.
Jokes aside, people’s lives are disrupted when data security is insufficient.
Wake Up And Smell The Ransomware—Starbucks Impacted By Cyber Attack
Blue Yonder is a digital supply chain platform that enables everything from fulfillment to delivery logistics. Starbucks uses Blue Yonder for barista schedule management and payments. Starbucks states that the disruption of the Blue Yonder platform has not affected Starbucks’ customers. Even still, it might be grounds for employing a decentralized platform.
Warning on 500K French supermarket shoppers targeted in cyberattack
What data was accessed? Data about loyalty customers, specifically names, email addresses, postal addresses, telephone numbers, date of birth, loyalty card number, and family composition (if they provided that information), The French company Auchan advised their customers to be vigilant for fraudulent emails, texts, or calls. But what will the company do to compensate their customers or assure them that their data is now safe?
Weekly #Hacktivity Report November 22, 2024
China’s Hacking Reached Deep Into U.S. Telecoms
The chairman of the Senate Intelligence Committee said on Thursday, Nov. 21, 2024, that China’s recent breach of the innermost workings of the U.S. telecommunications system reached far deeper than the Biden administration has described. We need governments to legislate more stringent, effective standards that protect both government and private sector data. Decentralization and secure private interactions are the answer.
Fintech For 45 Of 50 Top Banks Confirms Data Breach
Finastra, a global leader in financial technology serving 45 of the world’s top 50 banks, has confirmed a major data breach impacting its internal file transfer system. The London-based firm facilitates vital banking and wire transfers for over 8,100 financial institutions worldwide. The harm to their customers is not yet known. There’s a better way to protect data. To start, don’t keep it all in one place.
San Francisco Ballet hacked data posted for sale by two ransomware gangs
The world-respected San Francisco Ballet Company was breached by not just one, but by two sets of hackers. That’s tutu many. Even though a respected arts organization is not a high value target, there’s a real person behind every stolen record. Governments and organizations must do better to protect the data they entrusted with safekeeping.
Don't Let Identity Thieves Use Your Social Security Number. Here's How to Lock It
Identity thieves who get their hands on your SSN can also use it to get a job in your name, rack up credit card debt against your credit score and to steal your tax refund. Read what you can do to reduce your risks. In the meantime, IronWeave is working to create a world where data breaches are rare and limited in scope.
Weekly #Hacktivity Report November 15, 2024
Hungary confirms hack of defense procurement agency
Hungarian officials confirmed that the country’s defense procurement agency (VBÜ) was attacked by an “international group of hackers” and are now demanding $5 million in ransom. This is another example of national defense being put at risk, and underscores the urgency of addressing the vulnerability inherent in centralized databases.
Chinese hackers target Tibetan websites in malware attack
A hacking group believed to be Chinese state-sponsored has compromised two websites with ties to the Tibetan community in an attack meant to install malware on users' computers. There are many motives for hacking. Decentralized data storage will reduce those threats.
Cyberattack temporarily blocks Israeli credit card payments
An Iran-linked hacker group took responsibility for the attack. It’s not always profit that drives bad actors. We need to move beyond centralized data into data stores designed for an always-online, privacy-first Internet.
US confirms China-backed hackers breached telecom providers to steal wiretap data
The U.S. government has confirmed that hackers linked to China breached multiple U.S. telecommunication service providers to access the wiretap systems used by law enforcement to surveil Americans. Do we, as a nation, care enough about protecting our state secrets to relinquish failed cybersecurity models, and embrace the promise of inherently secure and privacy-based decentralized data storage? It’s time.
“Keep an eye on your account activity for the next 12 - 24 months” and “If you’d like, we’ll issue you a new debit card.” No word on what systemic changes will be implemented to prevent this from happening again… Are we ready for change yet? I think so.
Weekly #Hacktivity Report November 8, 2024
The whole mole edition
22,000 IPs Taken Down in Global Cybercrime Crackdown
More than 1,000 servers linked to targeted malicious services were taken down in Hong Kong, 291 servers were disrupted in Macau, and another in Mongolia, where 93 individuals linked to nefarious cyber activities were identified. We applaud these efforts but believe that it doesn’t address the root problem of a data storage model that is not secure. Even if you’re good at whack-a-mole, there will always be another mole.
This arrest is another example of addressing the bad outcomes associated with a problem, but not addressing the underlying problem itself. Just one more mole whacked, others are hiding just below the surface.
Chinese hackers gained access to huge trove of Americans’ cell records
https://apple.news/AqAKl963zRhC6RCSEuQnCNA
When foreign state actors breach networks, we have to treat it as a matter of national security. The hackers accessed information on who Americans talk to, how often, and when, as well as detailed location data. When will our responses equal the seriousness of these threats? Decentralized data storage will make us more secure, both individually and as a country.
Cyberattack disables tracking systems and panic alarms on British prison vans
This incident sounds like it could be a plot thread for a thriller involving a prison escape. Fortunately there was no attempted escape. An interesting aspect of the story (see link) is the movement towards establishing standards for cybersecurity. “...critical infrastructure operators and public sector contractors may be similarly obliged to introduce supplier requirements under the government’s forthcoming Cyber Security and Resilience Bill, which is expected to be introduced to parliament next year.” A decentralized solution should be part of cybersecurity standards.
Weekly #Hacktivity Report November 1, 2024
Each week, we’ll spotlight high-profile stories on cyber attacks, ransomware, identity theft, and other digital crimes. The frequency and impact of these incidents on individuals and businesses are on the rise.
We don’t need to accept this as the norm, nor as simply the price of being online.
Using independently encrypted shared blocks IronWeave offers unparalleled privacy, security, and scalability. Our patented shared-block architecture empowers you to determine who can see and share your data.
We are ushering in the new era of Read, Write, Own and SECURE. Learn more
Hackers demand France’s Schneider Electric pay a $125k ransom in baguettes
These hackers have a sense of humor. They have even offered to reduce their ransom by fifty percent if Schneider Electric admits they were hacked. Break the bread, and fork over less dough. Store your bread in private, secure data blocks and bad actors won’t get a crumb.
Data breach hits 68,000 Texans, 800,000 nationwide at Texas life insurance servicer
Did the hackers miss anything of value? It doesn’t seem like they missed anything in this data heist. Here’s what was accessed: names, addresses, dates of birth, social security numbers/tax identification numbers, driver’s license numbers/government-issued ID numbers, financial information such as credit card numbers, and medical and health insurance information. The only reason people are not marching on the seats of government for these types of breaches is that cybercrimes are less visible than holding up a bank or carjacking. The results can be as dire.
California court suffering from tech outages after cyberattack
“Justice delayed is justice denied.” The attack disabled all of the court’s phone and fax services, websites containing juror reporting instructions, the e-filing platform, credit card payment processing and more. Some jurors scheduled for this week were excused. If you had to remain in jail, or in the jury room, while systems were restored after a hack, wouldn’t you demand more robust cybersecurity?
Ransomware attack hits German pharmaceutical wholesaler, disrupts medicine supplies
6,000 pharmacies are at risk of being unable to provide essential medicines to their customers. Centrally stored data is a tempting target for those seeking to disrupt vital functions. Decentralized data storage is the answer to stronger data security.
Chinese state-backed hackers breached 20 Canadian government networks over four years, agency warns
The Canadian Centre for Cyber-Security (CCCS) reports that the goal of the hackers included espionage, IP theft, malign influence, and transnational repression. Governments often lag in adopting technological innovations, but we argue that these types of threats demand immediate action to protect their people.
Peru's Interbank reports data breach potentially affecting 2M+ customers
The hackers claim to have stolen Interbank customers' full names, account IDs, birth dates, addresses, phone numbers, email addresses, and IP addresses, as well as credit card and CVV numbers, credit card expiry dates, info on bank transactions, and other sensitive information, including plaintext credentials.
Weekly #Hacktivity Report October 25, 2024
$900,000 Paycom data breach class action settlement
Paycom pays heavily for a settlement that resolves claims the company failed to protect the personally identifiable information (PII) of its customers from a data breach. Hacks cost everyone, and increasingly, those who are also victims.
Change Healthcare hack affects over 100M, largest-ever US healthcare breach
Change Healthcare reported that the data breach and ransom demand occurred in February, but only now has acknowledged the scope of how many people were affected. The data included extensive personally identifying information and patient medical information. The effects of this breach may be felt for years.
Hot Topic Allegedly Breached, Hacker Claims Database With 350M Users
The data breach exposed millions of customer records of Hot Topic and two affiliated brands, BoxLunch and Torrid. The hacker is offering the database for $20,000 while demanding Hot Topic pay $100,000 to have the sale removed. There is no guarantee that the data will be deleted after the ransom is paid.
Henry Schein discloses data breach a year after ransomware attack
The healthcare solutions provider, Henry Schein, disclosed that the company was the victim of two cyberattacks in 2023 that resulted in the theft of the personal information of over 160,000 people. The BlackCat (ALPHV) ransomware group claimed responsibility, The company has offered two free years of credit monitoring and fraud protection.
Weekly #Hacktivity Report October 18, 2024
Each week, we’ll spotlight high-profile stories on cyber attacks, ransomware, identity theft, and other digital crimes. The frequency and impact of these incidents on individuals and businesses are on the rise.
We don’t need to accept this as the norm, nor as simply the price of being online.
Using independently encrypted shared blocks, IronWeave offers unparalleled privacy, security, and scalability. Our patented shared-block architecture empowers you to determine who can see and share your data.
We are ushering in the new era of Read, Write, Own and SECURE. Learn more
Weekly #Hacktivity Report October 18, 2024
$1.575 Mil Behavioral Health Group Data Breach Class Action Settlement
The lawsuit asserts the Health company failed to protect patient data from a December 2021 breach of its systems. What does this settlement mean for individual class members? Class members can receive up to $200 in reimbursement for ordinary data breach-related expenses and up to $200 in lost wages/time. Who thinks this is adequate? No one, especially not the patients whose data was exposed.
The government is getting fed up with ransomware payments fueling endless cycle of cyberattacks
The U.S. government is taking the epidemic of ransomware attacks very seriously and is advising companies not to pay ransoms. Naturally this puts companies in a bind since they must restore business functions to stay solvent. We believe this approach simply isn’t looking at the problem correctly. IronWeave’s secure-private data primitive (a new base online data unit) will proactively address and thwart these kinds of threats.
Wells Fargo class action claims data breach impacted customer info
Consumers are asking for companies to be held responsible for data breaches. The Wells Fargo class action suit, filed in California, claims that Wells Fargo failed to properly protect the sensitive data of their customers and when hacked, waited two years before beginning an investigation into the incident.
Hackers are extorting Globe Life with stolen customer data
Insurance company Globe Life, in a recent filing with the U.S. Securities and Exchange Commission, reports they are being extorted by a hacker who has stolen customers’ sensitive data. So far Global Life claims that 5,000 people have been affected by the breach but the number could go as high as 19 million.
Commercial laundry giant reports data breach
Alliance Laundry Systems, a large commercial laundry company, was the victim of a cybersecurity attack. Data accessed: names, Social Security numbers, financial account information, and driver’s license numbers. At the time of reporting it was not clear specifically what information was taken and who might be affected. That information will almost certainly come out in the wash. Regardless, this incident is a terrible stain on their reputation.
Weekly #Hacktivity Report October 11, 2024
Fidelity says data breach exposed personal data of 77,000 customers
Fidelity confirmed that 77,099 customers were affected by the breach and included Social Security numbers and drivers licenses. Can Fidelity make it right with their customers? Or is it just too late for all that compromised data?
Comcast Cable Discloses Breach of Private Info on More Than 230,000 Customers
What was exposed? Comcast customers’ name, address, Social Security number, date of birth, and Comcast account number and ID numbers used internally at FBCS, (Financial Business and Consumer Solutions), a third-party service provider previously used by Comcast.) How can Comcast repair any damage to their customers? More importantly, can they?
FTC Takes Action Against Matt and Starwood Over Multiple Data Breaches
Sometimes there are consequences. From the FTC’s press release:
“The Federal Trade Commission will require Marriott International, Inc. and its subsidiary Starwood Hotels & Resorts Worldwide LLC to implement a robust information security program to settle charges that the companies’ failure to implement reasonable data security led to three large data breaches from 2014 to 2020 impacting more than 344 million customers worldwide.” The press release goes on to say, “...Marriott also agreed to pay a $52 million penalty to 49 states and the District of Columbia to resolve similar data security allegations.”
The increasing cost of lax and ineffective data security practices will drive change, as the breach costs outstrip the cost of properly securing the data you are entrusted with. Hacks and breaches are bringing about the end of ‘business as usual’.
Internet History Hacked, Wayback Machine Down—31 Million Passwords Stolenhttps://www.forbes.com/sites/daveywinder/2024/10/10/internet-hacked-wayback-machine-down-31-million-passwords-stolen/
What was taken? Email addresses, screen names, password change timestamps, hashed passwords, and other internal data, A blockchain-based, secure, private data solution - which only IronWeave offers - would have prevented this breach.
Money transfer app hit by major hack that exposed customer social security numbers and bank accounts
MoneyGram has been slow to address what information and how many of their customers have been affected by this data breach. The company claims to have more than 150 million customers across 200 countries and territories.
Weekly #Hacktivity Report October 4, 2024
AT&T, Verizon reportedly hacked to target US govt wiretapping platform
According to the Wall Street Journal, multiple U.S. broadband providers including Verizon, AT&T and Lumen Technologies were breached by Chinese hackers intent on accessing systems used by the U.S. federal government for court-authorized network wiretapping requests. The amount and type of data accessed is still being assessed.
Outlast Developer Red Barrels Suffers Major Data Breach
1.8 terabytes of data were stolen and the perpetrators reportedly gained access to various game source codes, game builds, human resource information, and even company credit card information.
Cyberattack hits Michigan's Wayne County government
Due to the systems that were affected, the jails were not able to process posted bonds to enable the release of prisoners, attorneys could not visit their jailed clients, online tax payments could not be collected, real estate sales could not be recorded nor records accessed. Wayne County has 43 communities, including the city of Detroit, with a population of 1.8 million people.
Outlast Developer Red Barrels Suffers Major Data Breach
Game developer Red Barrels was breached and 1.8 terabytes of data was stolen. According to published reports, 1.8 terabytes of data included credit card details, HR materials, game builds, and the full source code for Outlast and Outlast 2. The potential impact on people’s lives could be severe.
Community Clinic of Maui says 123,000 affected by cyberattack
As many as 123,000 people have been affected in what is believed to have been a ransomware attack. The hackers stole Social Security numbers, passport numbers, financial account numbers with CVV numbers and expiration dates as well as troves of data on medical treatments. As with many of these breaches there could be long term risks of identity theft, fraud, and delays in travel.
Weekly #Hacktivity Report September 27, 2024
Statewide Internet Outage at Delaware Libraries Caused by Hackers
The hackers have demanded that the state of Delaware pay a ransom, state officials are refusing to pay. Instead they plan to entirely rebuild their systems. Meanwhile, students and non-profit organizations who rely on computer services and Internet access from the Delaware library system are unable to do their work. Our hope is they consider a decentralized system.
'Cybersecurity issue' takes MoneyGram offline for three days – and counting (as of 9/24/2024)
MoneyGram has not yet addressed whether said ‘Cybersecurity issue’ is a ransomware attack. Nor has the company said when they expect to restore their systems.
Cybercrooks strut away with haute couture Harvey Nichols data (hats off to the person who thought of this headline)
Customers’ personal information was accessed and the company asserts the vulnerability was fixed. But a centralized system needs only one point of entry for an attack to succeed. It’s time for a data storage model that fixes this systemic flaw. IronWeave offers that solution. [Link to blog]
Wi-fi hack on 19 UK railway stations displays message about terror attacks
When bad actors can breach a public communications network, there can be serious and harmful repercussions. With a single access point, panic-inducing messaging was displayed at 19 locations. We can and should harden the defenses of our online data. [Link to blog]
Dell investigating employee data breach claims
Dell is investigating claims that their systems have been breached, exposing names, company IDs and other personal information about over ten thousand employees. A hacker is reported to have offered a sample of Dell’s data for free and will sell the entire set of data ‘...at a minimal cost’. Someone might wonder, at what point will there be so much data known on an individual that its value will be next to nothing?
Weekly #Hacktivity Report for September 20, 2024
Cyberattacks plague health care. Critics call the federal response 'inadequate'
With the widespread proliferation of cyberattacks, we’re hearing heated discussions as to who should fund better security and which industries should receive improved security. We believe these discussions are beside the point. The centralized data storage model with its single-point-of-failure is not working. IronWeave’s secure, private, and decentralized solution will render these discussions moot.
Hackers Got Record Ransom Of $75M For Cencora Breach
It was a good week to be in the cybercrime business if you didn’t get caught. Pharmaceutical distributor Cencora, a publicly traded company, paid the largest ransom in history at $75 million. Previously the largest payout was $40 million, paid in 2021 by insurance company CNA Financial Corp. Cencora disclosed the hackers accessed and locked personal data including names, addresses, dates of birth, diagnoses, prescriptions and medications. At IronWeave we think there’s enough data to declare centralized storage solutions an antiquated approach to data in our always-online world, and a new unit of data - the IronWeave shared-block - the data unit of the future.
Australia-based Compass Group confirms Medusa ransomware attack
In this case, the ransomware group is demanding $2 million to unlock the company’s data (they can’t all be record setting ransom demands). Compass Group, according to its website, is “Australia’s largest food and support services company.”
Port of Seattle reveals details of ransomware attack, says it refused to pay criminal organization
At the Port of Seattle multiple services, including accounts payable services, contract management, phone service, and the public website, were affected in the attack. As services are restored they are using workarounds to provide essential services and are accelerating plans to improve their digital security. We hope they’re considering decentralized solutions to data security.
Ransomware gangs now abuse Microsoft Azure tool for data theft. The ransomware gangs use Microsoft Azure tools to access their victim’s data and quickly send the large quantities of stolen data to their own servers.
Weekly #Hacktivity Report September 13, 2024
Medicare Data Breach Impacts Almost 1 Million Subscribers
Medicare beneficiaries with compromised Medicare Beneficiary Identifiers will be sent a new card with a new number. That system of data storage is broken. A more reliable, secure, private system like IronWeave will ultimately make our current centralized model obsolete.
Fortinet confirms data breach after allegedly refusing to pay ransom
The irony of a cybersecurity firm being hacked is not lost on us. It brings no joy. Fortinet and the hackers disagree on the extent of the data accessed and it remains to be seen what, if any, effects it will have on the company’s customers.
Data breach at payment processor Slim CD hits 1.7M people
This one left us aghast. The hackers had access to the company’s database for almost one year, credit card information (but not the security numbers) was stolen over the course of two days.
Russian Hackers Hit Taiwan Bourse, Bank In Surprise Attack
The two Russian hacker groups, using Distributed Denial of Service (DDoS) attacks, disrupted Taiwanese financial platforms including the stock exchange and lender Mega Financial Holding Co.’s website.
Weekly #Hacktivity Report September 6, 2024
Each week, we’ll spotlight high-profile stories on cyber attacks, ransomware, identity theft, and other digital crimes. The frequency and impact of these incidents on individuals and businesses are on the rise.
We don’t need to accept this as the norm, nor as simply the price of being online.
Using independently encrypted shared blocks IronWeave offers unparalleled privacy, security, and scalability. Our patented shared-block architecture empowers you to determine who can see and share your data.
We are ushering in the new era of Read, Write, Own and SECURE. Learn more
What happened this week?
Leaked Disney data reveals financial and strategy secrets, WSJ reports Over a terabyte of data was exposed, including business strategy, financial information and personally identifiable information of some employees and customers. This can impact stock valuations, aid competitors, and endanger the people whose personal information has been exposed. We’ll keep an eye on this and report any further developments.
Iran pays millions in ransom to end massive cyberattack on banks, officials say Profit and not ideology appears to have been the motive here. Regardless of motive, it’s in no one’s best interest to destabilize a government.
Ransomware Group May Have Stolen Data From Planned Parenthood It’s not yet known whether any patient data was stolen but it’s yet another example that we need decentralized and private data security.
Hackers steal sensitive personal data in attack on WS Audiology Another example of personal data being compromised. IronWeave offers a better way to safeguard data and keep it private.
Toronto school board confirms students’ info stolen as LockBit claims breach First, ‘We’re confident hackers didn’t get your data’. Then, ‘They got your data but they probably won’t release it publicly’. And then, ‘We took “...a range” of steps to improve security”. Conclusion: Now that the horse is out of the barn, we’ve locked the door. …ok. We need better security for everyone, including schools, governments, and the private sector.
Rocinante Trojan Poses as Banking Apps to Steal Sensitive Data from Brazilian Android Users Mobile phone users had their keystrokes logged in this hacking scheme. People’s lives are being ruined. We need better data security now. IronWeave can meet this need.
#Hacktivity Report August 30, 2024
Each week, we’ll spotlight high-profile stories on cyber attacks, ransomware, identity theft, and other digital crimes. The frequency and impact of these incidents on individuals and businesses are on the rise.
We don’t need to accept this as the norm, nor as simply the price of being online.
Using independently encrypted shared blocks IronWeave offers unparalleled privacy, security, and scalability. Our patented shared-block architecture empowers you to determine who can see and share your data.
We are ushering in the new era of Read, Write, Own and SECURE. Learn more
What happened this week?
Hackers steal banking creds from iOS, Android users via PWA apps You can prevent bad actors from accessing your data - if you own and control your data, you can choose what to share and with whom.
Non-Profit ARRL Pays $1 Million Ransom To Decrypt Their Systems After Attack
This story reports ransom being paid by the insurance company. Insurance rates will certainly rise, and hackers can do it again. Not a happy ending, not the right approach.
Whoops: FlightAware Exposes Sensitive Personal Data Of Millions Of Users, Pilots, And Plane Owners
Though not a hack, this data exposure is a direct result of a centralized system. Secure, private, individually owned and managed data units are the answer.
Dick's Sporting Goods hit by cyberattack
As reported in the company’s 8-K report filed with the SEC, the attack gained access to portions of their system that contained ‘certain confidential information’. Various news outlets indicate the company, with over 800 stores across the U.S., has locked all employees out of their accounts and shut down internal email systems.
California Water District Hacked, Preventing Customers from Making Phone Payments
The attack highlights how our essential utilities are vulnerable, and the urgent need to implement decentralized data storage and management.
Weekly #Hacktivity Report August 23, 2024
Each week, we’ll spotlight high-profile stories on cyber attacks, ransomware, identity theft, and other digital crimes. The frequency and impact of these incidents on individuals and businesses are on the rise.
We must not accept this as the norm, nor as simply the price of being online.
Hackers may have stolen the Social Security numbers of every American. Here's how to protect yourself - We include this story again so you can take steps to protect yourself from some of the threats that now exist.
Hackers steal banking creds from iOS, Android users via PWA apps
Bad actors have begun to use progressive web applications to impersonate banking apps, and steal login credentials from Android and iOS users.
Top US oilfield firm Halliburton hit by cyberattack The attack is reported to have affected the company’s Houston offices as well as their global networks. It’s not known whether the attack will affect global oil prices.
Chipmaker Microchip Hit by Cyberattack, Slowing Operations The company serves more than 120,000 customers across the industrial, automotive, consumer, aerospace and defense, communications and computing markets
Toyota admits 240GB data breach The carmaker offered the breach was, “limited in scope,” [it’s just a flesh wound?] but does not know how many customers were impacted.
Crypto firm Unicoin says hacker locked all employees out of Google accounts for four days The hackers then changed passwords of all users G-Mail, G-Drive and other related G-Suite functionality.
Weekly #Hacktivity Report August 15, 2024
Each week, we’ll spotlight high-profile stories on cyber attacks, ransomware, identity theft, and other digital crimes. The frequency and impact of these incidents on individuals and businesses are on the rise.
We must not accept this as the norm or the price of being online.
The most impactful event in cyber hacking news was the revelation that the Social Security numbers of every American have been exposed, along with other personally identifying information. Be sure to follow up on the recommended steps you can take to protect yourself from identity theft and fraud.
What to Know About the Latest Social Security Number Breach
Ransomware Attack Cost LoanDepot $27 Million
ADT confirms data breach after customer info leaked on hacking forum (Does anyone else see the irony?)
Massive data leak may include the personal data of everyone in US, UK, and Canada
US fines T-Mobile $60 million over unauthorized data access
Weekly #Hacktivity Report August 5, 2024
Each week, we spotlight high-profile stories on cyber attacks, ransomware, identity theft, and other digital crimes. The frequency and impact of these incidents on individuals and businesses are on the rise.
We must not accept this as the norm or the price of being online.
Monetary & reputational damage hit hard this week for Meta, Crowdstrike, Microsoft, & HealthEquity. One unnamed company set a grim record with a $75 million ransom—the largest in history. A stark reminder of the cost of inadequate digital security.