Security News

Prescription orders hit after IT supplier Change Healthcare pulls plug on systems IT provider Change Healthcare has confirmed it shut down some of its systems following a cyberattack, disrupting...

CISA, the FBI, and the Environmental Protection Agency shared a list of defense measures U.S. water utilities should implement to better defend their systems against cyberattacks. The fact sheet they published today outlines the top eight actions U.S. Water and Wastewater Systems sector organizations can take to reduce cyberattack risks and boost their resilience against malicious activity.

German battery manufacturer Varta was forced to shut down its IT systems and stop production as a result of a cyberattack.The cyberattack occurred on Monday night and affected five of the company's production plants and the administration.

Battery maker VARTA AG announced yesterday that it was targeted by a cyberattack that forced it to shut down IT systems, causing production to stop at its plants.VARTA is a German manufacturer of batteries for the automotive, consumer, and industrial sectors, partially owned by Energizer Holdings.

UK utilities giant Southern Water admits between 5 and 10 percent of its customers have had their data stolen during a January cyberattack. In a letter sent to customers already, seen by El Reg, Southern Water said names, dates of birth, national insurance numbers, bank account numbers, sort codes, and payment reference numbers may have been stolen.

Prudential Financial has disclosed that its network was breached last week, with the attackers stealing employee and contractor data before being blocked from compromised systems one day later. "As of the date of this Report, we believe that the threat actor, who we suspect to be a cybercrime group, accessed Company administrative and user data from certain information technology systems and a small percentage of Company user accounts associated with employees and contractors," Prudential said.

The Information Technology Industry Council, which represents a laundry list of heavy hitters, expressed dissatisfaction over the proposed reporting rules, describing them as adding "Another hue of color to the kaleidoscope of incident reporting regimes" being passed by the US federal government of late. ITIC said the eight-hour reporting requirement was "Unduly burdensome and inconsistent" with other reporting rules, adding that the 72-hour update period "Does not reflect the shifting urgency throughout an incident response."

The US government today confirmed that China's Volt Typhoon crew comprised "Multiple" critical infrastructure org's IT networks, and warned that the state-sponored hackers are readying "Disruptive or destructive cyberattacks" against these targets. "Volt Typhoon's choice of targets and pattern of behavior is not consistent with traditional cyber espionage or intelligence gathering operations, and the US authoring agencies assess with high confidence that Volt Typhoon actors are pre-positioning themselves on IT networks to enable lateral movement to OT assets to disrupt functions," the 12 government agencies warned.

Lurie Children's Hospital said it pulled network systems offline as it continues to respond to "a cybersecurity matter" alongside outside experts and law enforcement agencies. "Lurie Children's Hospital said in a statement:"As Illinois' leading provider for pediatric care, our overarching priority is to continue providing safe, quality care to our patients and the communities we serve.

Clorox has confirmed that a September 2023 cyberattack has so far cost the company $49 million in expenses related to the response to the incident. On August 11th, Clorox suffered a cyberattack that caused significant disruption in the company's operation, leading to lowered production and decreased availability of consumer products.