Security News

Brazil's Superior Tribunal de Justiça has temporarily shut down after a suspected ransomware attack. The Tribunal is second-highest of Brazil's courts and is the highest court that decides on federal matters other than constitutional law.

Florida-based private prison operator GEO Group this week revealed that it was recently targeted in a cyberattack that involved ransomware and which may have resulted in the theft of sensitive information. The GEO Group operates over 120 jails, rehabilitation facilities, processing centers, and community reentry centers in North America, the UK, Australia and South Africa.

Folksam, one of the largest insurance companies in Sweden, today disclosed a data breach affecting around 1 million Swedes after sharing customers' personal info with multiple technology giants. The insurer discovered the data breach after an internal audit according to Jens Wikström, Head of Marketing and Sales at Folksam, and reported the incident to the Swedish Data Protection Authority.

The company's response was less than solid gold - it took months to notify its users of the breach. In a notice sent to its online customers, the company said that it became aware of suspicious activity on its website on July 6.

Texas-based precious metals dealer JM Bullion has informed some customers that their payment card information may have been stolen by cybercriminals, but the disclosure came months after the breach was discovered. The company claims on its website that customer information is kept secure through "256-bit SSL encryption" and that it does not have access to payment card information as it's processed by a third party.

Britain's data privacy watchdog on Friday said it has fined US hotels group Marriott over a data breach affecting millions of customers worldwide. The UK Information Commissioner's Office said in a statement it fined Marriott £18.4 million for breaches of data that included personal information such as passport numbers since March 2018.

Singapore's largest online grocery store Lazada Redmart has suffered a data breach after 1.1 million user accounts were put up for sale on a hacker forum. Hackers selling the illicit data dumps told BleepingComputer they had obtained Lazada's MongoDB-based data set with data from over 1.1 million RedMart accounts.

Home Depot has exposed the private order confirmations of hundreds of Canadian consumers, containing names, physical addresses, email addresses, order details and partial credit-card information. After customers began reporting that they had received hundreds of emails from the home-improvement giant, each containing an order confirmation for a stranger, the company confirmed the issue.

Professor who specializes in security says we often treat a breach like a home break-in, adding security after the theft. I think companies and corporations moving forward, if they had cybersecurity experts to let them know that, "Your data is at risk or there are parts of data or your organization could be at risk. We need to secure this, and how do we secure this and how do we police this? And what are security policies?" Then I think the companies would be in a better position, not to say that we're going to eliminate that because it's just like your house.

Russian-speaking hacking group Turla has hacked into the systems of an undisclosed European government organization according to a new Accenture Cyber Threat Intelligence report. Government entities are advised by ACTI to check network logs for indicators of compromise included at the end of the report and to build detections capable of blocking future Turla attacks.