Cybersecurity researchers identified an unsecured database containing thousands of customer files uploaded to the company’s secure cloud storage service. The exposed records include information dating back to 2016, which the company eventually secured. However, it’s unclear how long cybercriminals could have accessed this data or why it took Data Deposit Box nearly a week to…
Several employees fell for a phishing scam that compromised students’ personal information. The phishing scam, which took place on January 13th, happened just weeks before the school implemented 2-factor authentication on January 31st. If this effective defensive measure was in place sooner, hackers would not have been able to access employee accounts, even after they…
A phishing scam tricked an employee into providing hackers with email credentials that were used to access and download inbox content remotely. Although the breach was announced on February 5th, the phishing scam was executed in November 2019. It wasn’t discovered until December 2019. As a result, Altice USA will have a difficult time restoring…
An October ransomware attack ultimately forced The Heritage Company to close its doors. Shortly before Christmas, the company informed the staff that their operation was no longer tenable, even noting that the CEO was paying salaries out-of-pocket in an attempt to keep business going while systems were unavailable. Unfortunately, three months after the attack, The…
Authorities are reexamining an August outage at the London Stock Exchange that was initially attributed to a software glitch. The disruption prevented traders from buying or selling shares for more than 90 minutes, and impacted prices on two stock indexes. The incident could have been caused by hackers trying to destabilise markets for their own…
If you’ve been following the news lately, you’ve heard about the recent events between the United States and Iran. The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert in regard to cybersecurity and Iran’s historic use of cyber offensive activities as retaliation. Patterns of known Iranian threat techniques include: credential dumping, obfuscated files or information,…
UniCredit recently discovered an exposed database containing the personal information for millions of the company’s customers. Shockingly enough, the database had been accessible since 2015. The breach sent their share price down by 4%. The bank is spending a significant amount of money to update its IT infrastructure to prevent such an event in the…
Several employees fell for a phishing campaign that compromised their login credentials and patients’ personally identifiable information. Hackers accessed the data between May 24, 2019 and August 28, 2019. As a result, the company will bear the cost of identity and credit monitoring services for all victims, and they will face intense regulatory scrutiny. Check…
