Tag Archive for: data

Ransomware Groups’ Data Leak Blogs Lie: Stop Trusting Them


Fraud Management & Cybercrime
,
Ransomware


March 15, 2024    

Ransomware Groups' Data Leak Blogs Lie: Stop Trusting Them
Ransomware leak sites are not reliable sources of data. (Shutterstock)

Ransomware gangs are not reliable sources of information. Groups that run data leak blogs – and not all do – use them to pressure new and future victims into paying for the promise of either a decryptor or a pledge to delete stolen data.

See Also: Live Webinar | Navigating Identity Threats: Detection & Response Strategies for Modern Security Challenges

The number of victims that end up on a data leak site is inherently incomplete. Victims who pay a ransom quickly don’t get posted; criminals don’t publish these numbers. In addition, “some groups post more of their nonpaying victims than others,” and it’s often not clear why, said Brett Callow, a threat analyst at Emsisoft.

As a result, relying on data leak blogs to build a picture of attack volume can lead to wildly inaccurate results, not only about victim count but about the impact of any given attack. Unfortunately, some cybersecurity organizations, often aided and abetted by us in the media, regularly track fresh victims claimed by ransomware groups via their Tor-based data leak blogs, aka “name and shame” sites.

“Relying on shame blogs is the last thing we should do while assessing a group threat,” said Yelisey Bohuslavskiy, chief research officer at RedSense. “Blogs reflect how often extortion fails, and the victim decides to show the criminals a middle finger. Often, the fewer victims are on the blogs, the more successful the group…

Source…

Personal data of 2.4m people and The Block votes allegedly stolen








MediaWorks hack claims: Personal data of 2.4m people and The Block votes allegedly stolen

































































































































ZB
ZB


























Source…

Greensboro College Experiences Bad Data Security Breach


Hackers who went after Greensboro College got some of the most valuable personal information hackers can get ­– Social Security numbers.

And, though the scope of the attack still isn’t completely clear, one sign that it was quite vast is that some of the stolen information involved a teacher who taught there a quarter of a century ago and has had no other relationship with the university since.

Greensboro College is now in the process of warning those affected by the security breach that happened in mid-2023.

Data theft victims have just received a letter stating: “Greensboro College is writing to notify you of a recent event that may affect the privacy of certain information related to you. This notice provides information about the event, our response, and resources available that we are offering at no cost to you to help protect your information from possible misuse, should you feel it appropriate to do so.”

The “What Happened?” section of the letter states that the college detected “potentially malicious activity” on some of its computer systems.

Once the college discovered the breach, college officials notified law enforcement agencies, and conducted an internal investigation to determine the extent of the problem. That investigation found that some computer systems were subject to unauthorized access between August 10, 2023 and August 21, 2023.

Some of the data stolen includes names and Social Security numbers.

The college completed its study in early February of 2024 and began sending out notices.

Greensboro College stated that it is now, “instituting additional technical safeguards and policies and procedures,” and added, “Our response to this event also included prompt reporting to law enforcement and notification to relevant state and federal regulators.”

Greensboro College is offering those affected access to 24 months of credit monitoring and identity theft protection services at no cost.

Source…

IT leaders think immutable data storage is an insurance policy against ransomware


IT leaders consider immutable storage as a must-have in the fight against cyberattacks, according to Scality.

immutable storage

Ransomware threats are now understood by organizations to be inevitable. Reports show 1 in 4 organizations that pay a ransom never get their data back, and just 16% are able to recover without paying a ransom.

This reinforces immutable data storage’s role as an essential last line of defense within a cybersecurity toolkit. With this type of storage, data cannot be deleted or modified once written, increasing data safety and ensuring organizations have the power to restore data with 100% accuracy in the event of a breach.

94% of IT leaders either already rely on such data storage or plan to implement it within the next 12 months, and an additional 2% plan to deploy it within the next three years.

69% consider this data storage essential to their corporate cybersecurity, and only 12% of those who deployed immutable data storage say it is not essential.

Vertical market and regional nuances

Comparisons among IT leaders surveyed across vertical industries and specific countries reveal many notable differences.

Vertical market

Manufacturing organizations (95%) are most likely to deploy immutable storage, and 84% consider it essential to their corporate cybersecurity. Financial services firms (74%) report the lowest reliance on this storage, and 60% say it’s essential to their corporate cybersecurity.

Regional

A majority of IT leaders across all regions currently use or plan to use immutable data storage: The US has the highest level of current or planned deployments, with 98% of respondents either having implemented it or planning to do so within the next year. This is followed by France at 96%, Germany at 94% and the UK at 85%.

While a relatively low number (12%) of IT leaders worldwide who currently use immutable data storage do not regard it as “essential” to their cybersecurity strategy, a larger percentage resides in the UK: 24% of UK respondents have deployed it but say it is not essential to their cybersecurity, compared to 11% in France, 9% in the US and 6% in Germany.

“Widespread deployment of immutable storage reinforces an increased awareness of…

Source…