Silence gets you nowhere in a data breach
An important lesson in how not to respond to a breach, courtesy of LastPass and Fortra.
Read more
data breach
Fortra told breached companies their data was safe
Software maker Fortra told its corporate customers that their data was safe — even when it wasn’t — following a ransomware attack on its systems, TechCrunch has learned. As we have been reporting, the Clop ransomware gang exploited a newly discovered bug in Fortra’s GoAnywhere file transfer software, used by thousands of organizations to transfer […]
Read more
Kids tech camp iD Tech still silent weeks after data breach
Parents are still looking for answers weeks after hackers stole the personal data of thousands of users from kids’ tech coding camp iD Tech, with some fearing that their children’s data was compromised in the data breach. iD Tech, which provides on-campus classes and online tech and coding courses for kids, has yet to acknowledge […]
Read more
New victims come forward after mass-ransomware attack
The number of victims affected by a mass-ransomware attack, caused by a bug in a popular data transfer tool used by businesses around the world, continues to grow as another organization tells TechCrunch that it was also hacked. Canadian financing giant Investissement Québec confirmed to TechCrunch that “some employee personal information” was recently stolen by […]
Read more
Ferrari says ransomware attack exposed customers’ personal data
Italian supercar manufacturer Ferrari has confirmed it was hit by a ransomware attack that exposed customers’ personal information. “We regret to inform you of a cyber incident at Ferrari, where a threat actor was able to access a limited number of systems in our IT environment,” Ferrari CEO Benedetto Vigna said in a letter sent to […]
Read more
Dish customers kept in the dark as ransomware fallout continues
Dish customers are still looking for answers two weeks after the U.S. satellite television giant was hit by a ransomware attack. In a public filing published on February 28, Dish confirmed that ransomware was to blame for an ongoing outage and warned that hackers exfiltrated data, which “may” include customers’ personal information, from its systems. […]
Read more
Security giant Rubrik says hackers used Fortra zero-day to steal internal data
Silicon Valley-based data security company Rubrik has come forward as the latest victim of the Fortra GoAnywhere zero-day vulnerability, which has been linked to hacks targeting a hospital chain and a bank. In a blog post published on Tuesday, Rubrik’s chief information security officer Michael Mestrovich said that attackers had gained access to the company’s […]
Read more
Ring won’t say if it was hacked after ransomware gang claims attack
A notorious ransomware gang is threatening to leak data allegedly involving Amazon-owned video surveillance company Ring. On Monday, the ransomware group ALPHV listed the video doorbell maker Ring as a victim on its dark website. “There’s always an option to let us leak your data,” the Russia-linked group wrote alongside the listing, seen by TechCrunch. […]
Read more
SEC charges Blackbaud for failing to disclose ‘full impact’ of ransomware attack
Software house Blackbaud has agreed to pay $3 million to settle charges related to a May 2020 ransomware attack that exposed customers’ bank account data, the U.S Security and Exchange Commission said on Thursday. The SEC charged Blackbaud, whose cloud software is used by colleges, universities, nonprofits and far-right organizations, for making “misleading disclosures” about […]
Read more
PeopleGrove security lapse exposed users’ personal information
PeopleGrove confirmed Thursday that it’s investigating after a security lapse exposed users’ personal information online. The company, formerly CampusKudos, which provides and hosts a social platform for higher education institutions and alumni networks, left the server hosting an internal database exposed to the internet without a password, allowing anyone to access the data using only […]
Read more