Security News

Medusa Ransomware on the Rise: From Data Leaks to Multi-Extortion
2024-01-12 13:23

The threat actors associated with the Medusa ransomware have ramped up their activities following the debut of a dedicated data leak site on the dark web in February 2023 to publish sensitive data...

Halara probes breach after hacker leaks data for 950,000 people
2024-01-11 20:28

Popular athleisure clothing brand Halara is investigating a data breach after the alleged data of almost 950,000 customers was leaked on a hacking forum. Halara told BleepingComputer that it is aware that customer data was allegedly stolen and leaked online and is investigating a potential breach.

Capital Health attack claimed by LockBit ransomware, risk of data leak
2024-01-08 15:53

The LockBit ransomware operation has claimed responsibility for a November 2023 cyberattack on the Capital Health hospital network and threatens to leak stolen data and negotiation chats by tomorrow. The LockBit ransomware gang has now claimed responsibility for the attack on Capital Health by listing the healthcare company on its data leak extortion portal yesterday.

Xerox says subsidiary XBS U.S. breached after ransomware gang leaks data
2024-01-02 17:29

The U.S. division of Xerox Business Solutions has been compromised by hackers with a limited amount of personal information possibly exposed, according to a statement by the parent company, Xerox Corporation. INC Ransom ransomware gang added the corporation to its extortion portal on December 29, claiming to have stolen sensitive data and confidential documents from its systems.

Yakult Australia confirms 'cyber incident' after 95 GB data leak
2023-12-27 09:10

Cybercrime actor DragonForce which claimed responsibility for the attack has also leaked 95 GB of data that it states, belongs to the company. In a statement to BleepingComputer, Yakult Australia confirmed it was investigating a cyber incident that occurred in mid-December.

Lapsus$ hacker behind GTA 6 leak gets indefinite hospital sentence
2023-12-21 20:42

Kurtaj who is 18 years of age and autistic is among the primary Lapsus$ threat actors, and was involved in the leak of assets associated with the video game, Grand Theft Auto VI. Sentenced to life in a 'secure hospital'. Arion Kurtaj, a member of the Lapsus$ cybercrime group, was sentenced indefinitely to a "Secure hospital" by a British judge, according to a BBC report.

OpenAI rolls out imperfect fix for ChatGPT data leak flaw
2023-12-21 16:44

OpenAI has mitigated a data exfiltration bug in ChatGPT that could potentially leak conversation details to an external URL. According to the researcher who discovered the flaw, the mitigation isn't perfect, so attackers can still exploit it under certain conditions. Security researcher Johann Rehberger discovered a technique to exfiltrate data from ChatGPT and reported it to OpenAI in April 2023.

Discord in the ranks: Lone Airman behind top-secret info leak on chat platform
2023-12-12 18:00

The US Air Force reached that conclusion in an August report [PDF] made public yesterday into the actions of Airman 1st Class Jack Teixeira, who was arrested in April on suspicion that he had stolen and shared classified military documents on a private Discord server that later found their way to the wider internet - and, presumably, into the hands of foreign governments. Per the USAF report, Teixeira "Was observed viewing intelligence content on TS-SCI websites" in August 2022, and while his supervisor was informed, the incident wasn't otherwise documented.

Navy contractor Austal USA confirms cyberattack after data leak
2023-12-06 17:16

Austal USA, a shipbuilding company and a contractor for the U.S. Department of Defense and the Department of Homeland Security confirmed that it suffered a cyberattack and is currently investigating the impact of the incident. Earlier today, the Hunters International ransomware and data extortion group claimed to have breached Austal USA and leaked some information as proof of the intrusion.

British Library begins contacting customers as Rhysida leaks data dump
2023-11-29 12:30

The Rhysida ransomware group has published most of the data it claimed to have stolen from the British Library a month after the attack was disclosed. The Register has not examined any of the data posted online, but a cursory perusal of the file trees leaked to Rhysida's website appears to show data related to various British Library departments, functions, and stakeholders.