Security News

German Privacy Watchdog Fines H&M $41M for Spying on Workers
2020-10-02 03:42

A German privacy watchdog said Thursday that it is fining clothing retailer H&M 35.3 million euros after the company was found to have spied on some of its employees in Germany. Hamburg's data protection commissioner said in a statement that the Swedish company collected private information about employees at a customer service center in Nuremberg, "Ranging from rather harmless details to family issues and religious beliefs."

Doppelpaymer ransomware crew fingered for attack on German hospital that caused death of a patient
2020-09-23 16:26

The Doppelpaymer ransomware gang were behind the cyber-attack on a German hospital that led to one patient's death, according to local sources. The Aachener Zeitung newspaper carried a report from the German Press Association that Doppelpaymer's eponymous ransomware had been introduced to the University Hospital Düsseldorf's network through a vulnerable Citrix product.

Doppelpaymer ransomware crew fingered over attack on German hospital that allegedly caused death of a patient
2020-09-23 16:26

The Doppelpaymer ransomware gang were behind the cyber-attack on a German hospital that led to one patient's death, according to local sources. The Aachener Zeitung newspaper carried a report from the German Press Association that Doppelpaymer's eponymous ransomware had been introduced to the University Hospital Düsseldorf's network through a vulnerable Citrix product.

German Experts See Russian Link in Deadly Hospital Hacking
2020-09-22 12:46

German authorities probing a cyber attack on a hospital's IT system that led to a fatal delay in treatment for a critically ill woman believe the software used can be traced back to Russian hackers. In an update to lawmakers published on Tuesday, prosecutors wrote that hackers used malware known as "Doppelpaymer" to disable computers at Duesseldorf University Hospital on September 10, aiming to encrypt data and then demand payment to unlock it again.

A Patient Dies After Ransomware Attack Paralyzes German Hospital Systems
2020-09-21 03:34

German authorities last week disclosed that a ransomware attack on the University Hospital of Düsseldorf caused a failure of IT systems, resulting in the death of a woman who had to be sent to another hospital that was 20 miles away. The attack, which exploited a Citrix ADC CVE-2019-19781 vulnerability to cripple the hospital systems on September 10, is said to have been "Misdirected" in that it was originally intended for Heinrich Heine University, according to an extortion note left by the perpetrators.

German Hospital Hacked, Patient Taken to Another City Dies
2020-09-17 13:30

German authorities said Thursday that what appears to have been a misdirected hacker attack caused the failure of IT systems at a major hospital in Duesseldorf, and a woman who needed urgent admission died after she had to be taken to another city for treatment. As a consequence, systems gradually crashed and the hospital wasn't able to access data; emergency patients were taken elsewhere and operations postponed.

BlueLeaks Server Seized By German Police: Report
2020-07-09 14:09

German authorities have reportedly seized a server hosting the massive BlueLeaks data dump, which was released earlier in June and exposed thousands of sensitive police department and law enforcement files. "We have received official confirmation that #DDoSecrets' primary public download server was seized by German authorities," said Emma Best, founder of DDoSecrets, in a Tuesday Twitter post.

German Court Orders Facebook to Rein in Data Collection
2020-06-24 04:01

A top German court on Tuesday ordered Facebook to stop merging data collected through its Whatsapp and Instagram subsidiaries or other websites unless users explicitly agree, in a legal victory for competition authorities. Germany's Federal Cartel Office had told Facebook to rein in the data collecting in a landmark decision in 2019, but the social media giant appealed the order.

Phishing Attack Hits German Coronavirus Task Force
2020-06-08 15:16

Researchers are warning of an ongoing phishing attack that's targeting the credentials of more than 100 high-profile executives at a German multinational corporation that's tasked with procuring coronavirus medical gear for Germany. The company, left unnamed by researchers, is part of a task force created March 30 by the German government and the private sector to procure personal protective equipment for healthcare workers on the front lines of COVID-19, such as face masks and medical equipment.

Hackers Target German Firm Tasked With Procuring COVID-19 Medical Equipment
2020-06-08 13:42

One of the several multinational corporations enlisted by the German government to help it obtain personal protective equipment for the care of COVID-19 patients has been targeted in an ongoing phishing campaign, IBM reported on Monday. According to IBM, a threat actor has targeted more than 100 high-ranking people within this company, which is part of Germany's Task Force Personal Protective Equipment, whose members leverage their contact networks, particularly in China, to secure PPE. The attackers have targeted executives within the organization, as well as its supply chain partners, and IBM believes the same group likely also targeted other members of the task force.