Data Breach | SC Media

Data Breach

LeBron James among the 1st stars to have their stolen law firm files put up for auction

The Sodinokibi/REvil ransomware gang has apparently made good on its threat to auction off files it lifted from celebrity law firm Grubman Shire Meiselas & Sacks. The group on July 1 reportedly placed legal documents corresponding to Nicki Minaj, Mariah Carey and LeBron James up for bid, with the starting price set at $600,000 per…

NetWalker ransomware group claims attack on Fort Worth transportation agency

Another Texas-based government institution may have fallen victim to ransomware actors. According to a reliable source, the cybercriminals behind the malicious encryptor NetWalker have published online evidence of an attack on Trinity Metro, a transit agency that operates bus and commuter rail transportation services in Fort Worth and its nearby Tarrant County suburbs. Trinity Metro…

Magecart skimmed from Claires.com for nearly two months

International retailer Claire’s, whose fashion accessories are popular with tweens and teenagers, was hit with a Magecart scheme that skimmed PPI, including credit card data, for nearly two months. Discovered by researchers at security firm Sansec, the malware injection began on April 20 and stopped on June 13. The skimming began on March 20, the…

Amtrak breach impacts unknown number of Guest Rewards accounts

Amtrak has alerted an unknown number of Guest Rewards customers it suffered a data breach at the hands of an unknown third party that gained unauthorized access to certain accounts. A notification letter signed by Vicky Radke, Amtrak’s senior director of Guest Rewards, and posted by the offices of the California and Vermont attorneys-general, informs impacted individuals that compromised…

Test platform leaks Bank of America clients’ Covid-19 PPP loan applications

Bank of America has disclosed that it briefly exposed certain business clients’ Paycheck Protection Program (PPP) applications to outside parties after uploading the documents onto a test platform. The incident bears similarities to the recent news of at least states mistakenly exposing application information related to the Pandemic Unemployment Assistance (PUA) program. Both the PPP…

Malicious actor holds at least 31 stolen SQL databases for ransom

A malicious cyber actor or hacking collective has reportedly been sweeping the internet for online stores’ unsecured SQL databases, copying their contents, and threatening to publish the information if the rightful owners don’t pay up. The perpetrator has stolen the copied versions of at least 31 SQL databases, which have been put up for sale…

Six need-to-know takeaways from the Verizon breach report

Phishing attacks and stolen credentials have become attackers’ most popular avenues of network compromise, and employee errors are helping pave the way according to Verizon’s newly released 2020 Data Breach Investigations Report (DBIR). Verizon researchers analyzed 157,525 known “incidents” (defined as a security event that results in the compromise of an information asset) and 3,950…

Defending the database

22 million emails found in mystery open database

An otherwise unremarkable find of an open Elasticsearch database containing millions of records became a Sherlock Holmes mystery as researchers cannot figure out the database’s origins. Security researcher Troy Hunt, of Have I Been Pwned, was informed in February about an open database he has named db8151dd containing 90GB of data containing 22.8 million emails.…

Hollywood

REvil hackers extort law firm with Lady Gaga, Nicki Minaj, Elton John as clients

Cyberattackers have breached a high-profile entertainment and media law firm, infecting the practice with ransomware and stealing files that apparently pertain to its star clients, including Lady Gaga, Madonna, Elton John, Barbara Streisand, Bruce Springsteen, Mariah Carey and Mary J. Blige. A cyber analyst who requested anonymity provided SC Media with content posted on the…

Next post in Ransomware