Cyberattack causes major disruptions for UK vet firm
CVS, a veterinary group that operates around 500 practices worldwide, announced on the London Stock Exchange they are experiencing significant operational disruptions due to a cyberattack. Of its operations, 450 practices are located in the UK, which bore the brunt of the impact, while the remaining few were unaffected. CVS revealed unauthorized access was gained to some of its IT systems, which prompted a shutdown. The company says the incident has expedited the group’s existing plan to transition its IT infrastructure to the cloud, a move expected to unfold over the next few weeks.
(Bleeping Computer), (BBC), (London Stock Exchange)
Data privacy bill pushes forward with bipartisan support
A push for data protection emerges as two prominent U.S. legislators announced they had reached a consensus on a bipartisan data privacy bill aimed at limiting the amount of consumer data that tech companies can collect. Senator Maria Cantwell (D-WA) and Representative Cathy McMorris Rodgers (R-WA) proposed legislation that not only allows individuals to control the sale and transfer of their personal information but also requires explicit consent for sharing sensitive data and offers the right to sue for privacy breaches. If passed, this would become the first comprehensive national law to protect consumers’ data.
Department of Justice hack exposes hundreds of thousands
An attack on a consulting firm that works with the Department of Justice (DOJ) has exposed the data of more than 340,000 people, according to a data breach report filed by the consulting firm last week. Greylock McKinnon Associates reported the breach occurred in May 2023 but was not discovered until February of this year. Medicare health insurance numbers, some medical information, and social security numbers were among the data accessed by the hackers. According to The Record, the consulting firm says it “deleted DOJ data from its systems after the incident.”
(The Record) , (Office of the Maine Attorney General)
Home Depot data leak
While Home Depot has not publicly admitted to a data breach, The Register has confirmed through a statement from the company that a third-party vendor accidentally exposed certain personal details of its employees, including names, work email addresses, and User IDs, during system testing. The incident was brought to light after a criminal, using the name IntelBroker, claimed to have posted information on 10,000 Home Depot employees on BreachForums. At this time, the breach does not appear to impact business operations or involve any customer financial data.
Huge thanks to our sponsor, Vanta
With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA.
Even more, Vanta’s market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires.
Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time.
Watch Vanta’s on-demand demo at vanta.com/ciso.
Change Healthcare ransomed again?
The Register reports that Change Healthcare, owned by UnitedHealth, is being extorted by a second ransomware gang while still recovering from a catastrophic attack by the BlackCat ransomware gang earlier this year. This time, RansomHub is claiming responsibility for the attack, reporting they’ve stolen 4 TB of the company’s data, including medical records and payment information. The group says the healthcare group has 12 days to pay the ransom and they only have “one chance in protecting your clients’ data.” As of this recording, Change Healthcare has not released any updates about this alleged ransom on their dedicated cyber response page.
(The Register), (UnitedHealth Group)
Bug bounty roundup increases to $30 million
Crowdfense, which describes themselves as a world-leading research hub and acquisition platform for high-quality zero-day exploits and advanced vulnerability research, announced an increase in their “Exploit Acquisition Program” to offer a total of $30 million in bounties. The company first announced their $10 million bug bounty program in 2019 but says they are not only upping the buying price but also extending the scope of research to areas like Enterprise Software, WiFi, and Messengers. It’s important to note, according to Security Affairs, zero-day brokers acquire zero-day exploits to resell them to intelligence and law enforcement agencies or government contractors.
(Security Affairs) , (Crowdfense)
Hackers hijack WordPress websites
The old cryptocurrency wallet drainer scam continues. Nearly 2,000 WordPress websites have been compromised to display deceptive pop-ups for NFTs and cryptocurrency discounts, tricking users into connecting their digital wallets to platforms that siphon off their funds. Security firm Sucuri initially found that hackers had breached around 1,000 WordPress sites to push these crypto drainers. But after not achieving their desired success, the hackers switched gears, now injecting scripts into these sites to aid in brute-force attacks on the admin passwords of other websites, creating a network of about 1,700 targeted sites.
New malware variant emerges
There’s a new malware in town. Threat hunters have identified a new malware, named Latrodectus, actively involved in email phishing campaigns since late November 2023. According to joint research by Proofpoint and Team Cymru, Latrodectus is a sophisticated downloader designed to evade detection and retrieve additional payloads for executing arbitrary commands. It’s believed to be developed by the same individuals responsible for the IcedID malware and is being used by initial access brokers (IABs) to spread further malware infections.