A collection point
...and some of my own.
.
UK: London Charing Cross Gender Identity Clinic Data Leak Victims Could Claim £30,000 in Damages Last year the Charing Cross Gender Identity Clinic sent out mass emails to people using the CC function instead of the BCC function, mistakenly revealing the names and email addresses of close to 2000 people on its email list. This year they could be looking at damages of up to UK£30K+ per person with legal firms still offering to represent those affected. CL: BancoEstado, one of Chile's three biggest banks, was forced to shut down all branches on Monday following a ransomware attack that took place over the weekend. "Our branches will not be operational and will remain closed today," the bank said in a Details about the attack suggest the bank's internal network was infected with the REvil (Sodinokibi) ransomware. Probably through a Word document a backdoor was installed which was used to access the bank's network and install ransomware. Thankfully, the bank had a segregated network in place so the bank's website, banking portal, mobile apps, and ATMs were all untouched. Now we wait to see if BancoEstados data turns up on the REvil Ransomware leak site. AU: Service NSW reveals 738GB of customer data was stolen during email breach Aimee Chanthadavong: Service NSW has revealed that the personal information of 186,000 customers was stolen because of a cyber attack earlier this year on 47 staff email accounts. Following a four-month investigation that began in April, Service NSW said it identified that 738GB of data, which compromised of 3.8 million documents, was stolen from the email accounts. "The data is made up of documents such as handwritten notes and forms, scans, and records of transaction applications. "Across the last four months, some of the analysis has included manual review of tens of thousands of records to ensure our customer care teams could develop a robust and useful notification process. "We are sorry that customers' information was taken in this way." Last week, it was revealed information on thousands of New South Wales driver's licence-holders was breached, with reports indicating a cloud storage folder that had over 100,000 images was mistakenly left open. Cyber Security NSW confirmed a commercial entity was responsible for the breach of scanned driver's licence images. It said it was the responsibility of the commercial entity to investigate this matter and notify any customers if their data had been breached. UK: Newcastle University hit by cyber attack "Our teams are working with a number of agencies to address the current issues and are taking further measures to secure the IT estate. The nature of the problem means this will be an on-going situation for some time and it will take several weeks to address. Please be aware: * Many IT services are not operating and will remain that way for the duration. * IT services that are operating may need to be taken down without notice. * Colleagues may lose access to their IT accounts without notice and they may not be re-enabled quickly. * NUIT may need access to any IT system you keep or use. * We may need to remove PCs, servers or other devices if we find out they are impacted, in order to carry out detail investigations" Both the Information commissioner's Office and the Police have been notified in what appears to be a ransomware attack. US: Critical Infrastructure and Cyber-Physical Security Tara Seals: As 5G accelerates the integration of Internet of Things (IoT) devices onto and into systems and previously non-integrated networks the responsibilities of CEOs are increased, especially in areas where life and death systems are incorporated. These convergences are mainly found in critical infrastructure and clinical healthcare environments for now, but will become more widely deployed with the expansion of 5G, and as innovations in the world of smart buildings, smart cities, connected cars and autonomous vehicles, and telehealth/remote surgery continue to roll out, the Gartner noted. In these environments, “incidents can quickly lead to physical harm to people, destruction of property or environmental disasters,” according to the firm. “Gartner analysts predict that incidents will rapidly increase in the coming years due to a lack of security focus and spending currently aligning to these assets.” Gartner also predicted that the financial impact of CPS attacks resulting in fatal casualties will reach more than $50 billion by 2023. This encompasses the costs for organizations in terms of compensation for loss-of-life, litigation, insurance, regulatory fines and reputation loss. “Regulators and governments will react promptly to an increase in serious incidents resulting from failure to secure CPSs, drastically increasing rules and regulations governing them,” said Katell Thielemann, research vice president at Gartner, in a media statement. “In the U.S., the FBI, NSA and Cybersecurity and Infrastructure Security Agency (CISA) have already increased the frequency and details provided around threats to critical infrastructure-related systems, most of which are owned by private industry. Soon, CEOs won’t be able to plead ignorance or retreat behind insurance policies.” “Keep an eye out for any regulation that might come into force as a result of the first cyber-physical casualty,” Thielemann added. Global: Money from bank hacks rarely gets laundered through cryptocurrencies. Despite being considered a cybercrime haven, cryptocurrencies play a very small role in laundering funds obtained from bank hacks; the SWIFT financial organization said in a report last week. "Identified cases of laundering through cryptocurrencies remain relatively small compared to the volumes of cash laundered through traditional methods," said SWIFT, the organization that runs the SWIFT inter-bank messaging system used by almost all banks across the world to wire funds across borders. These traditional methods include the use of money mules, front companies, cash businesses, and investments back into other forms of crime, such as drug trade or human trafficking. SWIFT said that incidents where hackers laundered money via cryptocurrencies have been very rare. Leave a Reply. |
Linking the world
Sharing is caring Archives
May 2024
Categories |