Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Cybersecurity Breach. Show all posts
Ransomware attack
cyber attack Cybersecurity Breach Data Breach data security Lee Enterprises newspaper hack Ransomware attack

Lee Enterprises Confirms Ransomware Attack Impacting 75+ Publications

 

Lee Enterprises, a major newspaper publisher and the parent company of The Press of Atlantic City, has confirmed a ransomware attack that disrupted operations across at least 75 publications. The cybersecurity breach caused widespread outages, impacting the distribution of printed newspapers, subscription services, and internal business operations.

The attack, first disclosed to the Securities and Exchange Commission (SEC) on February 3, led to significant technology failures, affecting essential business functions. In an official update to the SEC, Lee Enterprises reported that hackers gained access to its network, encrypted key applications, and extracted files—common tactics associated with ransomware incidents.

As a result of the attack, the company's ability to deliver newspapers, process billing and collections, and manage vendor payments was severely affected. “The incident impacted the Company’s operations, including distribution of products, billing, collections, and vendor payments,” Lee Enterprises stated in its SEC filing.

With a vast portfolio of 350 weekly and specialty publications spanning 25 states, Lee Enterprises is now conducting a forensic investigation to assess the extent of the data breach. The company aims to determine whether hackers accessed personal or sensitive information belonging to subscribers, employees, or business partners.

By February 12, the company had successfully restored distribution for its core publications. However, weekly and ancillary publications are still facing disruptions, accounting for approximately five percent of the company's total operating revenue. While recovery efforts are underway, full restoration of all affected services is expected to take several weeks.

Cybersecurity experts have warned that ransomware attacks targeting media organizations can have severe consequences, including financial losses, reputational damage, and compromised data security. The increasing frequency of such incidents highlights the urgent need for media companies to strengthen their cybersecurity defenses against evolving cyber threats.

Growing Cybersecurity Threats in the Media Industry


The publishing industry has become an attractive target for cybercriminals due to its reliance on digital infrastructure for content distribution, subscription management, and advertising revenue. Recent high-profile cyberattacks on media organizations have demonstrated the vulnerability of traditional and digital publishing operations.

While Lee Enterprises has not yet disclosed whether a ransom demand was made, ransomware attacks typically involve hackers encrypting critical data and demanding payment for its release. Cybersecurity experts caution against paying ransoms, as it does not guarantee full data recovery and may encourage further attacks.

As Lee Enterprises continues its recovery process, the company is expected to implement stronger cybersecurity measures to prevent future breaches. The incident serves as a reminder for organizations across the media sector to enhance their security protocols, conduct regular system audits, and invest in advanced threat detection technologies.
Read more »
trending news
Cybersecurity Breach Data Breach EU News SecurityScorecard trending news

Third-Party Data Breaches Expose Cybersecurity Risks in EU's Largest Firms

A recent report by SecurityScorecard has shed light on the widespread issue of third-party data breaches among the European Union’s top companies. The study, which evaluated the cybersecurity health of the region’s 100 largest firms, revealed that 98% experienced breaches through external vendors over the past year. This alarming figure underscores the vulnerabilities posed by interconnected digital ecosystems.

Industry Disparities in Cybersecurity

While only 18% of the companies reported direct breaches, the prevalence of third-party incidents highlights hidden risks that could disrupt operations across multiple sectors. Security performance varied significantly by industry, with the transport sector standing out for its robust defenses. All companies in this sector received high cybersecurity ratings, reflecting strong proactive measures.

In contrast, the energy sector lagged behind, with 75% of firms scoring poorly, receiving cybersecurity grades of C or lower. Alarmingly, one in four energy companies reported direct breaches, further exposing their susceptibility to cyber threats.

Regional differences also emerged, with Scandinavian, British, and German firms demonstrating stronger cybersecurity postures. Meanwhile, French companies recorded the highest rates of third- and fourth-party breaches, reaching 98% and 100%, respectively.

Ryan Sherstobitoff, Senior Vice President of Threat Research and Intelligence at SecurityScorecard, stressed the importance of prioritizing third-party risk management. His remarks come as the EU prepares to implement the Digital Operational Resilience Act (DORA), a regulation designed to enhance the cybersecurity infrastructure of financial institutions.

“With regulations like DORA set to reshape cybersecurity standards, European companies must prioritise third-party risk management and leverage rating systems to safeguard their ecosystems,” Sherstobitoff stated in a media briefing.

Strengthening Cybersecurity Resilience

DORA introduces stricter requirements for banks, insurance companies, and investment firms to bolster their resilience against cyberattacks and operational disruptions. As organizations gear up for the rollout of this framework, addressing third-party risks will be crucial for maintaining operational integrity and adhering to evolving cybersecurity standards.

The findings from SecurityScorecard highlight the urgent need for EU businesses to fortify their digital ecosystems and prepare for regulatory demands. By addressing third-party vulnerabilities, organizations can better safeguard their operations and protect against emerging threats.

Read more »
Ransom Demand
CloudSEK Customer Data Customer Data Exposed Cybersecurity Breach Data Breach Fortnite IAM system MFA Ransom Demand

Fortinet Cybersecurity Breach Exposes Sensitive Customer Data

 

Fortinet experienced a significant cybersecurity breach involving a third-party cloud drive, where 440 GB of data was leaked by a hacker named “Fortibitch” after the company refused to pay the ransom. The breach affected about 0.3% of Fortinet’s customers, roughly 1,500 corporate users, and included sensitive information such as financial documents, HR data, customer details, and more. Experts highlight that the breach underscores the critical need for implementing rigorous cybersecurity measures like multi-factor authentication (MFA) and robust identity access management (IAM) systems. 

Multi-factor authentication is particularly emphasized as a vital layer of defense against unauthorized access, significantly reducing the risk of data exposure when combined with strong identity access management. Organizations need to ensure that they enforce MFA and other identity management protocols consistently, especially for accessing essential systems like SharePoint and cloud storage services. Jim Routh, Chief Trust Officer at Saviynt, pointed out the growing concern over cloud security, given its increased adoption in software development and data storage. He stressed that without proper safeguards, such as MFA and secure access controls, sensitive data is at risk of exposure. 

Cybersecurity analyst Koushik Pal from CloudSEK echoed this sentiment, advocating for stricter IAM policies and urging organizations to regularly monitor repositories for potential misconfigurations, exposed credentials, or sensitive data leaks. This kind of vigilance is necessary for all teams to adhere to security best practices and minimize vulnerabilities. Relying on third-party vendors for data storage, as Fortinet did, is not inherently dangerous but introduces additional risks if strict security protocols are not enforced. The breach serves as a reminder that even established cybersecurity companies can fall victim to attacks, highlighting the need for ongoing vigilance. 

According to Routh, it’s crucial for system administrators to manage accounts meticulously, ensuring that identity access management protocols are properly configured and that privileged access is monitored effectively. The breach exemplifies how cybercriminals exploit security weaknesses to gain unauthorized access to sensitive data. As cloud technologies continue to be integrated into businesses, the responsibility to protect data becomes increasingly important. Cybersecurity experts emphasize that organizations must invest in proper training, regularly update security measures, and remain vigilant to adapt to evolving cyber threats. 

Ensuring that MFA, identity management systems, and monitoring practices are in place can go a long way in protecting against similar breaches in the future. This Fortinet incident serves as a wake-up call, showing that no organization is entirely immune to cyber threats, regardless of its expertise in cybersecurity.
Read more »
Personal Information
Customer Data Customer Data Exposed Cybersecurity Breach Data Breach Data Leak Data protection Personal Information

Avis Data Breach Exposes Over 400,000 Customers’ Personal Information

 

Over 400,000 customers of Avis, a prominent car rental company known for its presence at U.S. airports, have had their personal data compromised in a recent cybersecurity breach. The company revealed the incident to the public on Monday, stating that the breach occurred between August 3 and August 6. Avis, which is part of the Avis Budget Group, sent notifications to affected customers last week, advising them on how to protect themselves from potential identity theft or fraud. 

The Avis Budget Group, which owns both Avis and Budget, operates over 10,000 rental locations across 180 countries, generating $12 billion in revenue in 2023, according to its most recent financial report. However, the recent data breach has cast a shadow over its operations, highlighting vulnerabilities in its data security measures. In a data breach notice filed with the Iowa Attorney General’s office, Avis disclosed that the compromised information includes customer names, dates of birth, mailing addresses, email addresses, phone numbers, credit card details, and driver’s license numbers. 

A separate filing with the Maine Attorney General revealed that the data breach has impacted a total of 299,006 individuals so far. Texas has the highest number of affected residents, with 34,592 impacted, according to a report filed with the Texas Attorney General. The fact that sensitive personal information was stored in a manner that allowed it to be accessed by cybercriminals has raised serious questions about the company’s data protection practices. Avis first became aware of the data breach on August 5 and took immediate steps to stop the unauthorized access to its systems.

The company stated that it had launched a comprehensive investigation into the incident and enlisted third-party security consultants to help identify the breach’s origins and scope. Avis has not yet disclosed specific details about the nature of the attack, the vulnerabilities exploited, or the identity of the perpetrators, leaving many questions unanswered. This breach underscores the growing challenges faced by companies in protecting customer data in an increasingly digital world. While Avis acted quickly to contain the breach, the company’s reputation could suffer due to the extent of the data compromised and the sensitive nature of the information accessed. 

The breach also serves as a reminder of the importance of robust cybersecurity measures, especially for businesses that handle large volumes of personal and financial data. The incident has also prompted scrutiny from regulators and data privacy advocates. Many are questioning how sensitive customer information was stored and protected and why it was vulnerable to such an attack. Companies like Avis must ensure they are equipped with advanced security systems, encryption protocols, and regular audits to prevent such breaches from occurring in the future. As the investigation continues, Avis customers are advised to monitor their financial accounts closely, watch for signs of identity theft, and take appropriate measures.
Read more »
Ransomware attack
banking service outage Cyber Security Cybersecurity Breach online banking disruption Patelco Credit Union Phishing email Ransomware attack

Ransomware Attack on Patelco Credit Union Disrupts Services for Nearly Half a Million Members

 

A ransomware attack on Bay-area Patelco Credit Union has disrupted banking services for nearly half a million members, and the outage could persist for weeks.

The credit union announced the attack on June 29 via Twitter. The affected services include online banking, the mobile app, direct deposits, transfers, debit and credit card transactions, Zelle, balance inquiries, online bill payments, and monthly statements, among others.

Patelco Credit Union, based in Dublin, California, serves the San Francisco Bay Area and Northern California. In addition to consumer banking, it offers mortgage origination, home equity lines of credit, and mortgage refinancing.

Patelco CEO Erin Mendez issued a statement on Wednesday confirming that cybersecurity specialists have validated the "core systems" and assured members that their money is "safe and secure." However, she mentioned that full system functionality is not expected to be restored over the weekend.

"I know this continues to cause our members frustration and many of you have questions," she said, promising that any fees incurred due to the shutdown will be waived. "We hear your concerns and are working around the clock to address them. Our team is committed to doing everything we can to support our members through this difficult situation."

The Mercury News reported that hackers infiltrated the bank’s internal databases via a phishing email, encrypting its contents and locking the bank out of its systems.

Operating as a nonprofit cooperative, Patelco holds $9 billion in assets. Despite providing daily updates since the attack, there is no clear timeline for when systems will be fully restored, and further outages are possible.

Services that remain operational include check and cash deposits, ATM withdrawals, ACH transfers, ACH for bill payments, and in-branch loan payments.
Read more »
Ransomware attack
banking service outage Cyber Security Cybersecurity Breach financial services disruption member frustration online banking down Patelco Credit Union Ransomware attack

Patelco Credit Union Working Diligently to Recover from Security Incident

 

A ransomware attack on Patelco Credit Union in the Bay Area has disrupted banking services for nearly half a million members, with the outage potentially lasting for weeks.

The credit union announced the attack on June 29 through Twitter. Affected services include online banking, the mobile app, direct deposits, transfers, debit and credit card transactions, Zelle, balance inquiries, online bill payments, and monthly statements.

Besides consumer banking, Patelco Credit Union also provides mortgage origination, home equity lines of credit, and mortgage refinancing. Headquartered in Dublin, California, the credit union serves the San Francisco Bay Area and Northern California.

On Wednesday, Patelco CEO Erin Mendez issued a statement confirming that their cybersecurity team has validated the "core systems" and assured members that their funds are "safe and secure." However, she noted that the systems would not be operational by the weekend.

“I understand this situation continues to frustrate our members and that many have questions,” Mendez said. She added that any fees resulting from the outage would be waived. “We are aware of your concerns and are working tirelessly to resolve them. Our team is fully dedicated to supporting our members during this challenging time.”

According to The Mercury News, hackers accessed the bank’s internal databases via a phishing email, encrypting the contents and locking the bank out of its systems.

Patelco, a nonprofit cooperative with $9 billion in assets, has been providing daily updates since the attack but has not provided a specific timeline for when services will be fully restored. They have also cautioned that further outages may occur.

Currently, members can still perform check and cash deposits, ATM withdrawals, ACH transfers, ACH bill payments, and in-branch loan payments.
Read more »
security measures
Cyber Attacks Cybersecurity Breach data security Hotel Chains Ransomware attack Restaurant Chain security measures

Panera Bread and Omni Hotels Hit by Ransomware Outages: What You Need to Know

 

In a tumultuous turn of events, Panera Bread and Omni Hotels were thrust into the chaos of ransomware attacks, unleashing a cascade of disruptions across their operations and customer services. 

Panera Bread, celebrated for its culinary delights and pioneering loyalty programs, found itself in the throes of a massive outage that paralyzed its internal IT infrastructure, communication channels, and customer-facing platforms. The ransomware strike, striking on March 22, 2024, encrypted critical data and applications, plunging employees and patrons into disarray amidst the ensuing turmoil. 

Among the litany of grievances, Panera Sip Club members were left disheartened by their inability to savour the benefits of their subscription, notably the tantalizing offer of unlimited drinks at a monthly fee of $14.99. The frustration reverberating among members underscored the profound repercussions of cyber incidents on customer experience and brand loyalty. 

As of January 23, 2024, Panera Bread and its franchise network boasted an extensive presence with 2,160 cafes sprawled across 48 U.S. states and Ontario, Canada. However, the ransomware onslaught cast a shadow over the company's expansive footprint, laying bare vulnerabilities in cybersecurity defenses and underscoring the imperative for robust incident response protocols. 

In tandem, Omni Hotels grappled with a parallel crisis as ransomware-induced IT outages wreaked havoc on reservation systems and guest services. The bygone week witnessed a flurry of disruptions, from protracted check-in delays averaging two hours to resorting to manual interventions to grant access to guest rooms. 

The financial fallout of these cyber calamities remains nebulous, yet the toll on customer trust and brand reputation is palpable. The opacity shrouding the attacks has only exacerbated apprehensions among employees and patrons alike, accentuating the exigency for fortified cybersecurity measures and transparent communication strategies.

Amidst the evolving threat landscape, organizations must fortify their cybersecurity defenses and hone proactive strategies to avert the pernicious impact of cyber threats. From regular data backups and comprehensive employee training to the formulation of robust incident response blueprints, preemptive measures are pivotal in blunting the impact of cyber onslaughts and fortifying resilience against future incursions. 

The ransomware assaults on Panera Bread and Omni Hotels serve as poignant reminders of the pervasive menace posed by cyber adversaries. By assimilating the lessons gleaned from these incidents and orchestrating proactive cybersecurity initiatives, businesses can bolster their resilience and safeguard the interests of stakeholders, employees, and patrons alike.
Read more »
security measures
Axie Infinity co-founder crypto community cryptocurrency theft Cyber Security Cybersecurity Breach Digital Assets Hackers personal accounts security measures

Hackers Steal Nearly $10 Million from Axie Infinity Co-founder’s Personal Accounts

 

A significant amount of cryptocurrency, valued at nearly $10 million, has been reported stolen from personal accounts belonging to Jeff "Jihoz" Zirlin, one of the co-founders associated with the video game Axie Infinity and its affiliated Ronin Network.

According to reports, Zirlin's wallets were compromised, resulting in the theft of 3,248 ethereum coins, equivalent to approximately $9.7 million. Zirlin took to social media to confirm the incident, stating that two of his accounts had been breached. 

However, he emphasized that the attack solely targeted his personal accounts and did not affect the validation or operations of the Ronin chain or Axie Infinity,as reiterated by Aleksander Larsen, another co-founder of the Ronin Network.

The method through which the intruders gained access to Zirlin's wallets remains unclear. The Ronin Network serves as the underlying infrastructure for Axie Infinity, a game renowned for its play-to-earn model based on ethereum, particularly popular in Southeast Asia. 

Notably, the system had previously fallen victim to a $600 million cryptocurrency heist in March 2022, an attack attributed by U.S. prosecutors to the Lazarus Group, a cybercrime operation allegedly backed by North Korea.

Analysts tracking the recent theft traced the stolen funds to activity on Tornado Cash, a cryptocurrency mixer designed to obfuscate the origin of funds. It's worth noting that Lazarus had previously utilized this mixer to launder proceeds from the 2022 hack. The U.S. government, in response, had separately imposed sanctions on Tornado Cash.

Blockchain investigator PeckShield described the incident as a "wallet compromise," indicating a breach in security measures. Despite the breach, Zirlin assured stakeholders of the stringent security protocols in place for all activities related to the Ronin chain.
Read more »
Subscribe to: Posts (Atom)