Security News

U.S. mortgage lender loanDepot has suffered a cyberattack that caused the company to take IT systems offline, preventing online payments against loans.LoanDepot is one of the largest nonbank retail mortgage lenders in the USA, employing approximately 6,000 people and servicing loans of over $140 billion.

The Memorial University of Newfoundland continues to deal with the effects of a cyberattack that occurred in late December and postponed the start of classes in one campus. MUN is the largest public university in Atlantic Canada, with an academic and administrative staff of 3,800, and over 19,000 students from 100 countries.

Museum software solutions provider Gallery Systems has disclosed that its ongoing IT outages were caused by a ransomware attack last week. In a customer notification shared with BleepingComputer, Gallery Systems said it suffered a ransomware attack on December 28th, causing the company to take systems offline to prevent further devices from being encrypted.

The company states that the attackers only breached a small number of accounts during the credential-stuffing attacks. The increasing DDoS attacks and their impact led the U.S. Cybersecurity and Infrastructure Security Agency to release an advisory about these incidents.

Eagers Automotive has announced it suffered a cyberattack and was forced to halt trading on the stock exchange as it evaluates the impact of the incident. Eagers Automotive is the largest operator of car dealerships in Australia and New Zealand, with over 300 selling points for brands such as Toyota, BMW, Nissan, Mercedes-Benz, Audi, Ford, VW, and Honda.

The Ohio Lottery was forced to shut down some key systems after a cyberattack affected an undisclosed number of internal applications on Christmas Eve. "Additionally, winning numbers for KENO, Lucky One, and EZPLAY Progressive Jackpots are not available on our website or mobile app but can be checked at any Ohio Lottery Retailer."

Panasonic Avionics Corporation, a leading supplier of in-flight communications and entertainment systems, disclosed a data breach affecting an undisclosed number of individuals after its corporate network was breached more than one year ago, in December 2022. "On December 30, 2022, Panasonic identified evidence of an issue potentially impacting certain systems in our corporate network environment that occurred on or around December 14, 2022," the company said in data breach notification letters sent over the weekend.

Integris Health patients in Oklahoma are receiving blackmail emails stating that their data was stolen in a cyberattack on the healthcare network, and if they did not pay an extortion demand, the data would be sold to other threat actors. "INTEGRIS Health discovered potential unauthorized activity on certain systems," reads a data privacy notice on Integris Health's website.

Today, the Akira ransomware gang claimed that it breached the network of Nissan Australia, the Australian division of Japanese car maker Nissan.The attackers have threatened to leak sensitive business and client data online, as ransom negotiations with Nissan failed after the company either refused to engage or pay the ransom.

Two British teens who were members of the Lapsus$ gang have been sentenced for their roles in a cyber-crime spree that included compromising Uber, Nvidia, and fintech firm Revolut, and also blackmailing Grand Theft Auto maker Rockstar Games. Arion Kurtaj, 18, of Oxfordshire, was sentenced Thursday to detention at a hospital in the UK for an indefinite amount of time.