For at least the last four years, the California Department of Motor Vehicles had mistakenly given seven government entities access to Social Security number information pertaining to roughly 3,200 drivers and license applicants, the state agency has admitted in a data breach notification. “You are being sent the attached Notice regarding the disclosure of Social…
A ransomware attack last weekend struck the network of the Canadian territory Nunavut, severely impeding a bevy of government services that rely on access to systems and electronic files. The attack took place on Saturday afternoon, encrypting files on government servers and workstations and crippling email and other internet-based communications. The only service to be…
An threat actor that calls itself the “Shadow Kill Hackers” has executed a data breach and ransomware attack against City of Johannesburg, South Africa — the second time in four months that the metropolis has contended with a cyber extortion plot. Via its official Twitter account yesterday, city officials acknowledged the incident as simply a…
Several members-only dark web forums are reportedly auctioning what appears to be a stolen government database featuring the personal information of 92 million Brazilian citizens. The 16GB SQL database contains such information as name, birth date, mother’s name, gender and tax details including taxpayer IDs, according to BleepingComputer, which credits the discovery to a researcher…
The FBI yesterday issued a new public service announcement regarding the ongoing ransomware epidemic, emphasizing that attacks are becoming more targeted since early 2018, with losses increasingly significantly in that time. The alert is intended to update and supplement a previous ransomware warning that the FBI issued back in September 2016, and specifically identifies state…
The U.S. Senate last week passed a bill requiring the Department of Homeland Security to maintain cyber hunt and incident response teams, while the House passed one that instructs DHS to share protocols for mitigating cyber vulnerabilities. The Senate bill, S.315, aka the DHS Cyber Hunt and Incident Response Teams Act of 2019, passed by…
The crudely written ransom notes in movies 20-30 years ago may have been replaced by more modern, digital missives – like a texted photo a la Liam Neeson’s “Taken” – but the message remains the same: Pay up or else. That is the quandary business owners, municipal governments, school administrators and even librarians are now…
Twenty-seven nations signed a statement today reaffirming their commitment to constructing a framework for responsible state behavior in cyberspace. The statement, Advancing Responsible State Behavior in Cyberspace, created a framework for the nations to show their continuing support for the international rules-based order, and encourage its adherence, implementation and further development, including at the ongoing…
For the second time since 2017, the third-party government bill-payment portal Click2Gov has experienced a significant data breach affecting thousands of individuals in multiple cities across the U.S. Government entities use the Click2Gov portal to accept payments for permits, licenses, fines and utilities. Discovered by fraud intelligence experts at Gemini Advisory, this latest attack compromised…
The Federal Emergency Management Agency (FEMA) last week publicly acknowledged that for roughly 10 years it unnecessarily exposed the personally identifiable information of roughly 2.5 million disaster survivors to a third-party contractor. FEMA does not believe citizens’ data was compromised due to the error, which was originally reported last month by the U.S. Department of Homeland…
