Security News

Arthur J. Gallagher, a US-based global insurance brokerage and risk management firm, is mailing breach notification letters to potentially impacted individuals following a ransomware attack that hit its systems in late September. "Working with the cybersecurity and forensic specialists to determine what may have happened and what information may have been affected, we determined that an unknown party accessed or acquired data contained within certain segments of our network between June 3, 2020 and September 26, 2020," AJG said.

In yet another sign that the Russian hackers who breached SolarWinds network monitoring software to compromise a slew of entities never really went away, Microsoft said the threat actor behind the malicious cyber activities used password spraying and brute-force attacks in an attempt to guess passwords and gain access to its customer accounts. Nobelium is the name assigned by Microsoft to the nation-state adversary responsible for the unprecedented SolarWinds supply chain attacks that came to light last year.

The same group behind the SolarWinds supply-chain attacks has been targeting Microsoft's corporate networks to gain access to specific organizations - primarily, U.S.-based IT and government organizations. Microsoft officially announced the attacks after Reuters obtained an email sent to customers which explained that the threat group Nobelium stole customer-service-agent credentials to gain access and launch attacks against Microsoft customers.

Mercedes-Benz USA has just disclosed a data breach impacting some of its customers. The company assessed 1.6 million customer records which included customer names, addresses, emails, phone numbers, and some purchased vehicle information to determine the impact.

The City of Tulsa, Oklahoma, is warning residents that their personal data may have been exposed after a ransomware gang published police citations online. The attack disrupted Tulsa's online bill payment systems, utility billing, and email, as well as the websites for the City of Tulsa, the Tulsa City Council, Tulsa Police, and the Tulsa 311.

A fertility clinic serving the Atlanta area has been hit with a ransomware attack that also exposed private health information for 38,000 of its patients. "We discovered that a file server containing embryology data was encrypted and therefore inaccessible," according to the notice.

A Georgia-based fertility clinic has disclosed a data breach after files containing sensitive patient information were stolen during a ransomware attack. In a data breach notification issued by both RBA and its affiliate MyEggBank, RBA states that they first learned that they were hit by a ransomware attack on April 16th, 2021, when "a file server containing embryology data was encrypted and therefore inaccessible."

Poland's deputy prime minister Jaros?aw Kaczy?ski says last week's breach of multiple Polish officials' private email accounts was carried out from servers within the Russian Federation. "After reading the information provided to me by the Internal Security Agency and the Military Counterintelligence Service, I inform you that the most important Polish officials, ministers, and deputies of various political options were subject to a cyber attack," Kaczy?ski said in a statement published today.

Wegmans Food Markets notified customers that some of their information was exposed after the company became aware that two of its databases were publicly accessible on the Internet because of a configuration issue. Wegmans is a 106-store major regional supermarket chain with stores in the mid-Atlantic and Northeastern regions.

Carnival Corp. said Thursday that a data breach in March might have exposed personal information about customers and employees on Carnival Cruise Line, Holland America Line and Princess Cruises. The breach comes after Carnival was hit twice last year by ransomware attacks.